Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-24	CVE-2018-14599	Off-by-one Error vulnerability in multiple products An issue was discovered in libX11 through 1.6.5. network low complexity x-org debian canonical fedoraproject redhat CWE-193 critical	9.8
2018-08-24	CVE-2018-14598	Improper Input Validation vulnerability in multiple products An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. network low complexity x-org debian canonical fedoraproject CWE-20	7.5
2018-08-22	CVE-2018-10846	Covert Timing Channel vulnerability in multiple products A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. local high complexity gnu redhat canonical fedoraproject debian CWE-385	5.6
2018-08-22	CVE-2018-10845	Covert Timing Channel vulnerability in multiple products It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. network high complexity gnu redhat canonical fedoraproject debian CWE-385	5.9
2018-08-22	CVE-2018-10844	It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. network high complexity gnu redhat canonical fedoraproject debian	5.9
2018-08-14	CVE-2018-14348	Information Exposure vulnerability in multiple products libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information. network low complexity libcgroup-project debian fedoraproject CWE-200	8.1
2018-07-27	CVE-2017-12173	Improper Input Validation vulnerability in multiple products It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. network low complexity redhat fedoraproject CWE-20	8.8
2018-07-18	CVE-2018-10871	Cleartext Storage of Sensitive Information vulnerability in multiple products 389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. network low complexity fedoraproject debian CWE-312	7.2
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-06-27	CVE-2017-18342	Deserialization of Untrusted Data vulnerability in multiple products In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. network low complexity pyyaml fedoraproject CWE-502 critical	9.8

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject