← Back

Fedorahosted

fedorahosted

5 CVEs • 3 products

Products (3)

Click to collapse
Toggle
Sssd
sssd
2 CVEs
Cronie
cronie
2 CVEs
Newt
newt
1 CVE

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-6097
1Fedorahosted
1Cronie
Apr 29, 2026
Apr 9, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab.
CVE-2010-4341
2Fedorahosted
Fedoraproject
2Sssd
Sssd
Apr 29, 2026
Jan 25, 2011
N/A· v4
N/A· v3
2.1 LOW· v2
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a cr...Show more
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.Show less
CVE-2010-0424
2Fedorahosted
Paul Vixie
2Cronie
Vixie Cron
Apr 29, 2026
Feb 25, 2010
N/A· v4
N/A· v3
3.3 LOW· v2
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a syml...Show more
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.Show less
CVE-2009-2905
1Fedorahosted
1Newt
Apr 23, 2026
Sep 29, 2009
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text di...Show more
Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.Show less
CVE-2009-2410
1Fedorahosted
1Sssd
Apr 23, 2026
Jul 30, 2009
N/A· v4
N/A· v3
7.5 HIGH· v2
The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain ac...Show more
The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection.Show less