Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2018-12207 Improper Input Validation vulnerability in multiple products
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
6.5
2019-11-14 CVE-2019-11135 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. 6.5
2019-11-14 CVE-2019-14818 Memory Leak vulnerability in multiple products
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors.
network
low complexity
dpdk redhat fedoraproject CWE-401
7.5
2019-11-14 CVE-2012-1170 Improper Validation of Integrity Check Value vulnerability in multiple products
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
network
low complexity
moodle fedoraproject CWE-354
7.5
2019-11-14 CVE-2012-1169 Information Exposure vulnerability in multiple products
Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.
network
low complexity
moodle fedoraproject CWE-200
5.3
2019-11-14 CVE-2012-1161 Information Exposure vulnerability in multiple products
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results
network
low complexity
moodle fedoraproject CWE-200
4.3
2019-11-14 CVE-2012-1160 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
network
low complexity
moodle fedoraproject CWE-732
2.7
2019-11-14 CVE-2012-1159 Information Exposure vulnerability in multiple products
Moodle before 2.2.2: Overview report allows users to see hidden courses
network
low complexity
moodle fedoraproject CWE-200
4.3
2019-11-14 CVE-2012-1158 Information Exposure vulnerability in multiple products
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export
network
low complexity
moodle fedoraproject CWE-200
4.3
2019-11-14 CVE-2012-1157 Incorrect Default Permissions vulnerability in multiple products
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default
network
low complexity
moodle fedoraproject CWE-276
4.3