The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of RedHat Fedora

ImageMagick: memory leak via ReadAVSImage
An attacker can create a memory leak via ReadAVSImage() of ImageMagick, in order to trigger a denial of service...
CVE-2017-7942, FEDORA-2017-3a568adb31, FEDORA-2017-8f27031c8f, openSUSE-SU-2017:1560-1, USN-3302-1, VIGILANCE-VUL-22864
OpenLDAP: denial of service via the search option "Paged Results"
An attacker can generate a fatal error via the search option "Paged Results" in OpenLDAP, in order to trigger a denial of service...
8655, CVE-2017-9287, DLA-972-1, DSA-3868-1, FEDORA-2017-1ca18683e4, openSUSE-SU-2017:2181-1, RHSA-2017:1852-01, SUSE-SU-2019:0931-1, USN-3307-1, USN-3307-2, VIGILANCE-VUL-22861
mosquitto: privilege escalation via MQTT broker
An attacker can bypass restrictions via the MQTT broker of mosquitto, in order to escalate his privileges...
CVE-2017-7650, DLA-961-1, DSA-3865-1, FEDORA-2017-486a536b62, FEDORA-2017-59f85fef2c, FEDORA-2017-c2113aacd2, VIGILANCE-VUL-22855
tnef: integer overflow via unicode_to_utf8
An attacker can generate an integer overflow via unicode_to_utf8() of tnef, in order to trigger a denial of service, and possibly to run code...
CVE-2017-8911, DLA-962-1, DSA-3869-1, FEDORA-2017-2b28a055f2, FEDORA-2017-c2882ae75b, openSUSE-SU-2017:3095-1, VIGILANCE-VUL-22853
Samba: code execution
An attacker can put a shared library into a folder exported with Samba, in order to make it run arbitrary machine code...
1450347, bulletinapr2017, CERTFR-2017-AVI-165, CERTFR-2017-AVI-365, CVE-2017-7494, DLA-951-1, DSA-3860-1, FEDORA-2017-570c0071c4, FEDORA-2017-642a0eca75, FEDORA-2017-c729c6123c, HPESBUX03759, JSA10824, JSA10826, openSUSE-SU-2017:1401-1, openSUSE-SU-2017:1415-1, RHSA-2017:1270-01, RHSA-2017:1271-01, RHSA-2017:1272-01, RHSA-2017:1390-01, SSA:2017-144-01, SUSE-SU-2017:1391-1, SUSE-SU-2017:1392-1, SUSE-SU-2017:1393-1, USN-3296-1, VIGILANCE-VUL-22808
WebKitGTK+: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WebKitGTK+, in order to run JavaScript code in the context of the web site...
1151, CVE-2017-2510, FEDORA-2017-98bc28ae9e, FEDORA-2017-9e83b902f9, FEDORA-2017-d39099ea6a, HT207798, openSUSE-SU-2017:2991-1, openSUSE-SU-2018:0326-1, SUSE-SU-2017:2933-1, SUSE-SU-2018:0219-1, USN-3303-1, VIGILANCE-VUL-22839
Firefox: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox...
1160, CERTFR-2017-AVI-126, CERTFR-2017-AVI-134, CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5437-REJECT, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5450, CVE-2017-5451, CVE-2017-5452, CVE-2017-5453, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5458, CVE-2017-5459, CVE-2017-5460, CVE-2017-5463, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467, CVE-2017-5468, CVE-2017-5469, DLA-906-1, DSA-3831-1, FEDORA-2017-31c64a0bbf, FEDORA-2017-82265ed89e, FEDORA-2017-87e23bcc34, FEDORA-2019-7f7489dc8c, MFSA-2017-10, MFSA-2017-11, MFSA-2017-12, MFSA-2017-13, openSUSE-SU-2017:1099-1, openSUSE-SU-2017:1196-1, openSUSE-SU-2017:1268-1, RHSA-2017:1104-01, RHSA-2017:1106-01, RHSA-2017:1201-01, SSA:2017-112-01, SSA:2017-114-01, SSA:2019-247-01, SUSE-SU-2017:1175-1, SUSE-SU-2017:1248-1, SUSE-SU-2017:1669-1, SUSE-SU-2017:2235-1, USN-3260-1, USN-3260-2, USN-3278-1, VIGILANCE-VUL-22504, ZDI-17-320
Gajim: information disclosure via XEP-0146
An attacker can bypass access restrictions to data via XEP-0146 of Gajim, in order to obtain sensitive information...
8378, 863445, CVE-2016-10376, DLA-967-1, DSA-3943-1, FEDORA-2017-3c561780c8, FEDORA-2017-62547837ba, FEDORA-2017-e6deec5bd0, openSUSE-SU-2017:1506-1, VIGILANCE-VUL-22844
FreeRADIUS: bypass of TLS based flow protection
An attacker can make FreeRADIUS restore a TLS session before the authentication process completes, in order to tamper with the EAP-based authentication...
CVE-2017-9148, DLA-977-1, FEDORA-2017-7ee5c17024, FEDORA-2017-e698bba980, openSUSE-SU-2017:1609-1, RHSA-2017:1581-01, USN-3316-1, VIGILANCE-VUL-22840
WebKitGTK+: memory corruption
An attacker can generate a memory corruption of WebKitGTK+, in order to trigger a denial of service, and possibly to run code...
CVE-2017-2539, FEDORA-2017-98bc28ae9e, FEDORA-2017-9e83b902f9, FEDORA-2017-d39099ea6a, HT207798, openSUSE-SU-2017:2991-1, openSUSE-SU-2018:0326-1, SUSE-SU-2017:2933-1, SUSE-SU-2018:0219-1, USN-3303-1, VIGILANCE-VUL-22838