| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Fedora
mod_auth_openidc: open redirect via Logout Backslashes Url
Synthesis of the vulnerability
An attacker can deceive the user via Logout Backslashes Url of mod_auth_openidc, in order to redirect him to a malicious site.
Severity: 1/4.
Creation date: 28/10/2019.
Identifiers: CVE-2019-14857, FEDORA-2019-23638d42f3, FEDORA-2019-7b06f18a10, openSUSE-SU-2019:2499-1, SUSE-SU-2019:2934-1, SUSE-SU-2019:2935-1, VIGILANCE-VUL-30724.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can deceive the user via Logout Backslashes Url of mod_auth_openidc, in order to redirect him to a malicious site.
Full Vigil@nce bulletin... (Free trial) |
Linux kernel: buffer overflow via vhost/vhost_net
Synthesis of the vulnerability
An attacker, inside a guest system, can trigger a buffer overflow via vhost/vhost_net of the Linux kernel, in order to trigger a denial of service, and possibly to run code on the host system.
Severity: 2/4.
Creation date: 17/09/2019.
Revision date: 25/09/2019.
Identifiers: CERTFR-2019-AVI-448, CERTFR-2019-AVI-451, CERTFR-2019-AVI-455, CERTFR-2019-AVI-457, CERTFR-2019-AVI-466, CERTFR-2019-AVI-467, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-530, CERTFR-2019-AVI-561, CVE-2019-14835, DLA-1930-1, DLA-1940-1, DSA-4531-1, FEDORA-2019-a570a92d5a, FEDORA-2019-e3010166bd, openSUSE-SU-2019:2173-1, openSUSE-SU-2019:2181-1, RHSA-2019:2827-01, RHSA-2019:2828-01, RHSA-2019:2829-01, RHSA-2019:2830-01, RHSA-2019:2854-01, RHSA-2019:2862-01, RHSA-2019:2863-01, RHSA-2019:2864-01, RHSA-2019:2865-01, RHSA-2019:2866-01, RHSA-2019:2867-01, RHSA-2019:2869-01, RHSA-2019:2899-01, RHSA-2019:2900-01, RHSA-2019:2901-01, SSA:2019-311-01, SUSE-SU-2019:14218-1, SUSE-SU-2019:2412-1, SUSE-SU-2019:2424-1, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2738-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2950-1, SUSE-SU-2019:2984-1, USN-4135-1, USN-4135-2, VIGILANCE-VUL-30355.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker, inside a guest system, can trigger a buffer overflow via vhost/vhost_net of the Linux kernel, in order to trigger a denial of service, and possibly to run code on the host system.
Full Vigil@nce bulletin... (Free trial) |
OpenDMARC: adress spoofing via From field duplication
Synthesis of the vulnerability
An attacker can make OpenDMARC skip the DMARC signature check via duplication of From field, in order to spoof a DNS domain.
Severity: 1/4.
Creation date: 20/09/2019.
Identifiers: CVE-2019-16378, DSA-4526-1, FEDORA-2019-24b3f84f6e, FEDORA-2019-e1f0417a24, VIGILANCE-VUL-30369.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can make OpenDMARC skip the DMARC signature check via duplication of From field, in order to spoof a DNS domain.
Full Vigil@nce bulletin... (Free trial) |
ibus: information disclosure via D-Bus socket
Synthesis of the vulnerability
An attacker can bypass access restrictions to data via D-Bus socket of ibus, in order to obtain sensitive information.
Severity: 1/4.
Creation date: 17/09/2019.
Identifiers: CVE-2019-14822, DSA-4525-1, FEDORA-2019-5bf13218a5, FEDORA-2019-b577187ba8, openSUSE-SU-2019:2174-1, openSUSE-SU-2019:2199-1, SUSE-SU-2019:2387-1, SUSE-SU-2019:2388-1, SUSE-SU-2019:2389-1, SUSE-SU-2019:2427-1, USN-4134-1, USN-4134-2, VIGILANCE-VUL-30347.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can bypass access restrictions to data via D-Bus socket of ibus, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
kmplayer: buffer overflow
Synthesis of the vulnerability
An attacker can trigger a buffer overflow of kmplayer, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 17/09/2019.
Identifiers: CVE-2019-9133, FEDORA-2019-32a2bf945e, FEDORA-2019-9b1da08d62, VIGILANCE-VUL-30342.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can trigger a buffer overflow of kmplayer, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
hostapd: denial of service via adress spoofing
Synthesis of the vulnerability
An attacker can disconnect Wi-Fi devices with adress spoofing, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 17/09/2019.
Identifiers: CVE-2019-16275, DLA-1922-1, DSA-4538-1, FEDORA-2019-0e0b28001d, FEDORA-2019-2265b5ae86, FEDORA-2019-65509aac53, FEDORA-2019-740834c559, USN-4136-1, VIGILANCE-VUL-30340.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can disconnect Wi-Fi devices with adress spoofing, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about Fedora:
|