Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2010-08-05 CVE-2010-2547 Use After Free vulnerability in multiple products
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.
network
high complexity
gnupg fedoraproject debian CWE-416
8.1
2010-03-15 CVE-2010-0050 Use After Free vulnerability in multiple products
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
network
low complexity
apple fedoraproject canonical opensuse CWE-416
8.8
2010-03-05 CVE-2010-0302 Use After Free vulnerability in multiple products
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count.
network
low complexity
apple fedoraproject canonical redhat CWE-416
7.5
2010-01-09 CVE-2010-0013 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a ..
7.5
2009-11-20 CVE-2009-3553 Use After Free vulnerability in multiple products
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count.
7.5
2009-11-04 CVE-2009-3547 Operation on a Resource after Expiration or Release vulnerability in multiple products
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
7.0
2009-10-26 CVE-2009-3611 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes certain permissions to 0777 before deleting the files in an old backup snapshot, which allows local users to obtain sensitive information by reading these files, or interfere with backup integrity by modifying files that are shared across snapshots.
local
low complexity
le-web fedoraproject CWE-732
7.1
2009-10-22 CVE-2009-3620 Use of Uninitialized Resource vulnerability in multiple products
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
7.8
2009-09-15 CVE-2009-2629 Out-of-bounds Write vulnerability in multiple products
Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
network
low complexity
f5 debian fedoraproject CWE-787
7.5
2009-08-27 CVE-2009-2698 NULL Pointer Dereference vulnerability in multiple products
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
7.8