Note:
This project will be discontinued after December 13, 2021.
Product: Fedora (Fedoraproject)

Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-03-25 | CVE-2022-0500 | A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. | Fedora, Linux_kernel, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware | 7.8 | ||
2023-01-10 | CVE-2022-4379 | A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial | Fedora, Linux_kernel | 7.5 | ||
2017-03-15 | CVE-2016-7103 | Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. | Debian_linux, Fedora, Jquery_ui, Junos, Snapcenter, Application_express, Business_intelligence, Hospitality_cruise_fleet_management, Oss_support_tools, Primavera_unifier, Siebel_ui_framework, Weblogic_server, Openstack | 6.1 | ||
2023-06-12 | CVE-2023-3161 | A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service. | Fedora, Linux_kernel, Enterprise_linux | 5.5 | ||
2013-11-19 | CVE-2013-6629 | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | Gpl_ghostscript, Ubuntu_linux, Debian_linux, Fedora, Chrome, Libjpeg-Turbo, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Solaris | N/A | ||
2014-11-24 | CVE-2010-5312 | Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option. | Drill, Debian_linux, Drupal, Fedora, Jquery_ui, Snapcenter | 6.1 | ||
2016-04-13 | CVE-2016-3630 | The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records. | Debian_linux, Fedora, Mercurial, Leap, Opensuse, Linux_enterprise_debuginfo, Linux_enterprise_software_development_kit | 8.8 | ||
2022-04-18 | CVE-2021-42779 | A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. | Fedora, Opensc, Enterprise_linux | 5.3 | ||
2022-04-18 | CVE-2021-42780 | A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. | Fedora, Opensc, Enterprise_linux | 5.3 | ||
2022-04-18 | CVE-2021-42781 | Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. | Fedora, Opensc, Enterprise_linux | 5.3 | ||