Fedora

fedora

Vendor: Redhat • 9 CVEs

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-19139 3Debian Jasper ProjectRedhat 3Debian Linux FedoraJasper Nov 21, 2024 Nov 9, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.
CVE-2011-1011 1Redhat 3Enterprise Linux FedoraPolicycoreutils Apr 29, 2026 Feb 24, 2011 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new...Show more The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.Show less
CVE-2009-3080 7Canonical DebianLinux+4 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+10 more Apr 23, 2026 Nov 20, 2009 N/A· v4 N/A· v3 7.2 HIGH· v2 Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an...Show more Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.Show less
CVE-2009-1573 4Branden Robinson DebianRedhat+1 more 4Debian Linux FedoraLinux+1 more Apr 23, 2026 May 6, 2009 N/A· v4 N/A· v3 4.6 MEDIUM· v2 xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its...Show more xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments.Show less
CVE-2008-3832 1Redhat 1Fedora Apr 23, 2026 Oct 3, 2008 N/A· v4 N/A· v3 4.9 MEDIUM· v2 A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system...Show more A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function.Show less
CVE-2008-3524 1Redhat 2Fedora Initscripts Apr 23, 2026 Sep 29, 2008 N/A· v4 N/A· v3 4.7 MEDIUM· v2 rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run.
CVE-2007-5962 3Foresight Linux RedhatRpath 4Appliance Platform Agent AppliancesEnterprise Linux+1 more Apr 23, 2026 May 22, 2008 N/A· v4 N/A· v3 7.1 HIGH· v2 Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of servi...Show more Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.Show less
CVE-2007-6284 3Debian MandrakesoftRedhat 4Debian Linux FedoraMandrake Linux+1 more Apr 23, 2026 Jan 12, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
CVE-2007-4134 1Redhat 1Fedora Apr 23, 2026 Aug 30, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR arch...Show more Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.Show less