Vulnerabilities > Fedora
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-05-14 | CVE-2015-3983 | Cryptographic Issues vulnerability in Fedora Pacemaker Configuration System 0.9.137 The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 4.3 |
2008-08-29 | CVE-2008-3283 | Resource Management Errors vulnerability in multiple products Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests. | 7.8 |
2008-08-29 | CVE-2008-2930 | Resource Management Errors vulnerability in multiple products Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem. | 7.1 |
2008-08-29 | CVE-2008-2929 | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping. | 4.3 |
2008-07-21 | CVE-2008-3252 | Buffer Errors vulnerability in Fedora Newsx 1.6 Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period. | 10.0 |