Vulnerabilities (CVE)

Filtered by vendor Fedoraproject Subscribe
Filtered by product Fedora Core
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2944 3 Fedoraproject, Linux, Redhat 3 Fedora Core, Linux Kernel, Enterprise Linux 2024-02-28 4.9 MEDIUM N/A
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365.
CVE-2007-1321 4 Debian, Fedoraproject, Qemu and 1 more 5 Debian Linux, Fedora, Fedora Core and 2 more 2024-02-28 7.2 HIGH N/A
Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730.
CVE-2006-5170 3 Debian, Fedoraproject, Redhat 8 Debian Linux, Fedora Core, Enterprise Linux and 5 more 2024-02-28 7.5 HIGH N/A
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.
CVE-2007-1320 5 Debian, Fedoraproject, Opensuse and 2 more 6 Debian Linux, Fedora, Fedora Core and 3 more 2024-02-28 7.2 HIGH N/A
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.
CVE-2007-6283 4 Centos, Fedoraproject, Oracle and 1 more 9 Centos, Fedora Core, Linux and 6 more 2024-02-28 4.9 MEDIUM N/A
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
CVE-2007-3103 2 Fedoraproject, Redhat 4 Fedora Core, Enterprise Linux, Enterprise Linux Desktop and 1 more 2024-02-28 6.2 MEDIUM N/A
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
CVE-2007-3847 3 Apache, Canonical, Fedoraproject 4 Http Server, Ubuntu Linux, Fedora and 1 more 2024-02-28 5.0 MEDIUM N/A
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
CVE-2005-2970 4 Apache, Canonical, Fedoraproject and 1 more 6 Http Server, Ubuntu Linux, Fedora Core and 3 more 2024-02-28 5.0 MEDIUM N/A
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.