Vulnerabilities > Fedoraproject > Fedora > 27
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-01 | CVE-2022-3602 | Out-of-bounds Write vulnerability in multiple products A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. | 7.5 |
| 2021-03-19 | CVE-2019-10196 | Improper Initialization vulnerability in multiple products A flaw was found in http-proxy-agent, prior to version 2.1.0. | 9.0 |
| 2021-02-06 | CVE-2020-14312 | Unspecified vulnerability in Fedoraproject Fedora A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. network fedoraproject | 4.3 |
| 2018-05-30 | CVE-2018-10196 | NULL Pointer Dereference vulnerability in multiple products NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file. | 5.5 |
| 2018-05-17 | CVE-2018-1111 | Command Injection vulnerability in multiple products DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. | 7.5 |
| 2018-03-19 | CVE-2018-7262 | NULL Pointer Dereference vulnerability in multiple products In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service. | 7.5 |
| 2018-03-06 | CVE-2018-5730 | LDAP Injection vulnerability in multiple products MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN. | 3.8 |
| 2018-03-06 | CVE-2018-5729 | NULL Pointer Dereference vulnerability in multiple products MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. | 4.7 |
| 2018-01-22 | CVE-2018-6003 | Uncontrolled Recursion vulnerability in multiple products An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. | 7.5 |
| 2018-01-09 | CVE-2017-15129 | Race Condition vulnerability in multiple products A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. | 4.7 |