Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2015-01-21 CVE-2015-0407 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
network
low complexity
redhat canonical debian fedoraproject oracle
5.0
5.0
2015-01-21 CVE-2015-0383 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. 5.4
5.4
2015-01-21 CVE-2015-0382 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381. 4.3
4.3
2015-01-21 CVE-2015-0381 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382. 4.3
4.3
2015-01-21 CVE-2015-0374 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key. 3.5
3.5
2015-01-21 CVE-2014-6568 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML. 3.5
3.5
2015-01-16 CVE-2014-9601 Improper Input Validation vulnerability in multiple products
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
network
low complexity
python oracle fedoraproject opensuse CWE-20
5.0
5.0
2015-01-15 CVE-2015-1051 Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x before 7.x-3.6 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter. 5.8
5.8
2015-01-06 CVE-2014-9527 Resource Management Errors vulnerability in multiple products
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.
network
low complexity
fedoraproject apache CWE-399
5.0
5.0
2015-01-02 CVE-2014-9449 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.
network
low complexity
exiv2 fedoraproject CWE-119
5.0
5.0