The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of RedHat Fedora

libarchive: out-of-bounds memory reading
An attacker can force a read at an invalid address of libarchive, in order to trigger a denial of service...
bulletinapr2017, CVE-2016-10349, CVE-2016-10350, DLA-1006-1, DLA-1600-1, DSA-4360-1, FEDORA-2018-20c24949c0, FEDORA-2018-7734354526, openSUSE-SU-2018:3717-1, SUSE-SU-2018:3640-1, SUSE-SU-2018:3640-2, SUSE-SU-2019:3092-1, USN-3736-1, VIGILANCE-VUL-23111
Perl XML-LibXML: use after free via Node-replaceChild
An attacker can force the usage of a freed memory area via Node-replaceChild of Perl XML-LibXML, in order to trigger a denial of service, and possibly to run code...
122246, CVE-2017-10672, DLA-1171-1, DSA-2019-131, DSA-4042-1, FEDORA-2017-3d5354d30f, FEDORA-2017-534f300508, FEDORA-2017-790ff602a6, openSUSE-SU-2018:0153-1, SUSE-SU-2018:0170-1, USN-3494-1, VIGILANCE-VUL-23109
Libgcrypt: information disclosure via Flush Reload Side-channel Attack
An attacker can bypass access restrictions to data via Flush Reload Side-channel Attack of Libgcrypt, in order to obtain sensitive information...
bulletinoct2017, CVE-2017-7526, DLA-1015-1, DLA-1080-1, DSA-2020-030, DSA-3901-1, DSA-3960-1, FEDORA-2017-3b70d0b976, FEDORA-2017-a348b32eb5, openSUSE-SU-2017:1822-1, SSA:2017-180-04, SSA:2017-213-01, USN-3347-1, USN-3347-2, USN-3733-1, USN-3733-2, VIGILANCE-VUL-23104
QEMU: denial of service via NBD SIGPIPE Signal
An attacker can generate a fatal error via a SIGPIPE signal unhandled by Network Block Device of QEMU, in order to trigger a denial of service...
CVE-2017-10664, DLA-1070-1, DLA-1071-1, DLA-1599-1, DSA-3920-1, FEDORA-2017-b7f1197c23, FEDORA-2017-ed735463e3, openSUSE-SU-2017:2394-1, openSUSE-SU-2017:2398-1, openSUSE-SU-2017:2513-1, openSUSE-SU-2017:2941-1, RHSA-2017:2390-01, RHSA-2017:2445-01, SUSE-SU-2017:2319-1, SUSE-SU-2017:2326-1, SUSE-SU-2017:2327-1, SUSE-SU-2017:2327-2, SUSE-SU-2017:2339-1, SUSE-SU-2017:2416-1, SUSE-SU-2017:2450-1, SUSE-SU-2017:2541-1, SUSE-SU-2017:2936-1, SUSE-SU-2017:2946-1, SUSE-SU-2017:2963-1, SUSE-SU-2017:2969-1, SUSE-SU-2017:3084-1, USN-3414-1, USN-3414-2, VIGILANCE-VUL-23103
glibc: privilege escalation via Setuid Stack
An attacker can bypass restrictions via Setuid Stack of glibc, in order to escalate his privileges...
CERTFR-2017-AVI-238, CERTFR-2017-AVI-365, CVE-2017-1000366, DLA-992-1, DSA-2019-197, DSA-3887-1, FEDORA-2017-698daef73c, FEDORA-2017-79414fefa1, FEDORA-2017-d80ab96e61, JSA10824, JSA10826, JSA10917, K20486351, openSUSE-SU-2017:1629-1, RHSA-2017:1479-01, RHSA-2017:1480-01, RHSA-2017:1481-01, SB10205, SSA:2017-181-01, SUSE-SU-2017:1611-1, SUSE-SU-2017:1614-1, SUSE-SU-2017:1619-1, SUSE-SU-2017:1621-1, Synology-SA-17:22, USN-3323-1, USN-3323-2, VIGILANCE-VUL-23005
systemd: buffer overflow via DNS Responses
An attacker can generate a buffer overflow via DNS Responses of systemd, in order to trigger a denial of service, and possibly to run code...
CVE-2017-9445, FEDORA-2017-29d909f5ec, FEDORA-2017-72f0c1ea9c, FEDORA-2017-956e27bdd6, SUSE-SU-2017:1898-1, USN-3341-1, VIGILANCE-VUL-23092
python-tablib: code execution via Databook Loading
An attacker can use a vulnerability via Databook Loading of python-tablib, in order to run code...
CVE-2017-2810, FEDORA-2017-dd0d5d376f, FEDORA-2017-fe04b06b64, openSUSE-SU-2017:1689-1, VIGILANCE-VUL-23088
WebKitGTK+: memory corruption
An attacker can generate a memory corruption of WebKitGTK+, in order to trigger a denial of service, and possibly to run code...
CVE-2017-2538, FEDORA-2017-37f68e3534, FEDORA-2017-772bf90b03, FEDORA-2017-bff1b87765, openSUSE-SU-2017:2991-1, SUSE-SU-2017:2933-1, USN-3376-1, VIGILANCE-VUL-23075
Flatpak: privilege escalation via Third-party Repositories
An attacker can bypass restrictions via Third-party Repositories of Flatpak, in order to escalate his privileges...
CVE-2017-9780, DSA-3895-1, FEDORA-2017-6b1f07acd9, openSUSE-SU-2018:0389-1, VIGILANCE-VUL-23069
c-ares: out-of-bounds memory reading via NAPTR
An attacker can force a read at an invalid address via NAPTR of c-ares, in order to trigger a denial of service, or to obtain sensitive information...
cpujul2017, CVE-2017-1000381, DLA-998-1, FEDORA-2017-05254795cf, FEDORA-2017-4932c9b886, FEDORA-2017-6dc3fd198d, FEDORA-2017-7c1621d2e8, FEDORA-2017-7c9a5b4791, FEDORA-2017-81522ac6d8, FEDORA-2017-aa44293a53, FEDORA-2017-ba1399832b, openSUSE-SU-2017:1857-1, openSUSE-SU-2017:2179-1, USN-3395-1, VIGILANCE-VUL-23068
Our database contains other pages. You can request a free trial to read them.

Display information about RedHat Fedora: