Vulnerabilities > Fedoraproject > Fedora > 18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-11 | CVE-2013-4158 | Cross-site Scripting vulnerability in multiple products smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) | 6.1 |
| 2019-12-05 | CVE-2012-1115 | Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. | 6.1 |
| 2019-12-05 | CVE-2012-1114 | Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. | 6.1 |
| 2019-12-03 | CVE-2013-4411 | Incorrect Authorization vulnerability in multiple products Review Board: URL processing gives unauthorized users access to review lists | 4.3 |
| 2019-12-02 | CVE-2013-4410 | Incorrect Authorization vulnerability in multiple products ReviewBoard: has an access-control problem in REST API | 7.5 |
| 2019-12-02 | CVE-2012-4480 | Improper Privilege Management vulnerability in multiple products mom creates world-writable pid files in /var/run | 7.8 |
| 2019-11-25 | CVE-2012-5644 | Information Exposure vulnerability in multiple products libuser has information disclosure when moving user's home directory | 5.5 |
| 2019-11-25 | CVE-2012-5630 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. | 6.3 |
| 2019-11-25 | CVE-2012-5617 | Improper Privilege Management vulnerability in multiple products gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation | 7.8 |
| 2019-11-25 | CVE-2012-5535 | Information Exposure vulnerability in multiple products gnome-system-log polkit policy allows arbitrary files on the system to be read | 7.5 |