Filtered by vendor Fedoraproject Subscriptions
Filtered by product Fedora Subscriptions
Total 5191 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2010-0302 4 Apple, Canonical, Fedoraproject and 1 more 10 Cups, Mac Os X, Mac Os X Server and 7 more 2024-11-21 7.5 High
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.
CVE-2010-0205 8 Apple, Canonical, Debian and 5 more 8 Mac Os X, Ubuntu Linux, Debian Linux and 5 more 2024-11-21 N/A
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.
CVE-2010-0050 4 Apple, Canonical, Fedoraproject and 1 more 5 Iphone Os, Safari, Ubuntu Linux and 2 more 2024-11-21 8.8 High
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
CVE-2010-0013 6 Adium, Fedoraproject, Opensuse and 3 more 7 Adium, Fedora, Opensuse and 4 more 2024-11-21 7.5 High
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
CVE-2009-4135 3 Canonical, Fedoraproject, Gnu 3 Ubuntu Linux, Fedora, Coreutils 2024-11-21 N/A
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.
CVE-2009-3767 5 Apple, Fedoraproject, Openldap and 2 more 6 Mac Os X, Fedora, Openldap and 3 more 2024-11-21 N/A
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2009-3621 7 Canonical, Fedoraproject, Linux and 4 more 10 Ubuntu Linux, Fedora, Linux Kernel and 7 more 2024-11-21 5.5 Medium
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.
CVE-2009-3620 6 Canonical, Fedoraproject, Linux and 3 more 11 Ubuntu Linux, Fedora, Linux Kernel and 8 more 2024-11-21 7.8 High
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
CVE-2009-3612 6 Canonical, Fedoraproject, Linux and 3 more 9 Ubuntu Linux, Fedora, Linux Kernel and 6 more 2024-11-21 N/A
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881.
CVE-2009-3611 2 Fedoraproject, Le-web 2 Fedora, Backintime 2024-11-21 7.1 High
common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes certain permissions to 0777 before deleting the files in an old backup snapshot, which allows local users to obtain sensitive information by reading these files, or interfere with backup integrity by modifying files that are shared across snapshots.
CVE-2009-3564 2 Fedoraproject, Reductivelabs 2 Fedora, Puppet 2024-11-21 N/A
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files.
CVE-2009-3555 9 Apache, Canonical, Debian and 6 more 15 Http Server, Ubuntu Linux, Debian Linux and 12 more 2024-11-21 N/A
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
CVE-2009-3553 5 Apple, Canonical, Debian and 2 more 7 Cups, Mac Os X, Mac Os X Server and 4 more 2024-11-21 7.5 High
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information.
CVE-2009-3547 8 Canonical, Fedoraproject, Linux and 5 more 17 Ubuntu Linux, Fedora, Linux Kernel and 14 more 2024-11-21 7.0 High
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
CVE-2009-3231 5 Canonical, Fedoraproject, Opensuse and 2 more 6 Ubuntu Linux, Fedora, Opensuse and 3 more 2024-11-21 N/A
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
CVE-2009-3095 7 Apache, Apple, Debian and 4 more 10 Http Server, Mac Os X, Debian Linux and 7 more 2024-11-21 N/A
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
CVE-2009-3094 4 Apache, Debian, Fedoraproject and 1 more 6 Http Server, Debian Linux, Fedora and 3 more 2024-11-21 N/A
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
CVE-2009-2910 6 Canonical, Fedoraproject, Linux and 3 more 15 Ubuntu Linux, Fedora, Linux Kernel and 12 more 2024-11-21 N/A
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
CVE-2009-2904 3 Fedoraproject, Openbsd, Redhat 5 Fedora, Openssh, Enterprise Linux and 2 more 2024-11-21 N/A
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
CVE-2009-2848 8 Canonical, Fedoraproject, Linux and 5 more 15 Ubuntu Linux, Fedora, Linux Kernel and 12 more 2024-11-21 N/A
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.