Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-23 | CVE-2016-7966 | Code Injection vulnerability in multiple products Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. | 7.3 |
| 2016-12-23 | CVE-2016-2312 | 7PK - Security Features vulnerability in multiple products Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again. | 4.6 |
| 2016-12-13 | CVE-2016-2334 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. | 7.8 |
| 2016-12-13 | CVE-2016-7953 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string. | 9.8 |
| 2016-12-13 | CVE-2016-7952 | Improper Access Control vulnerability in multiple products X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data. | 7.5 |
| 2016-12-13 | CVE-2016-7951 | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks. | 9.8 |
| 2016-12-13 | CVE-2016-7950 | Out-of-bounds Write vulnerability in multiple products The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths. | 9.8 |
| 2016-12-13 | CVE-2016-7949 | Out-of-bounds Write vulnerability in multiple products Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields. | 9.8 |
| 2016-12-13 | CVE-2016-7948 | Out-of-bounds Write vulnerability in multiple products X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data. | 9.8 |
| 2016-12-13 | CVE-2016-7947 | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response. | 9.8 |