This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Fedoraproject First view 2018-08-22
Product Fedora Last view 2021-01-13
Version 32 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:fedoraproject:fedora

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.1 2021-01-13 CVE-2020-28374

In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore.

7.5 2020-12-14 CVE-2020-8286

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

7.5 2020-12-14 CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

3.7 2020-12-14 CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.

5.4 2020-12-11 CVE-2020-35132

An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.

7.8 2020-12-11 CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

7.8 2020-12-09 CVE-2020-29661

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

4.4 2020-12-09 CVE-2020-29660

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

3.3 2020-12-08 CVE-2020-27818

A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability.

8.8 2020-12-03 CVE-2020-13584

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability.

7.8 2020-11-19 CVE-2020-28949

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

7.8 2020-11-19 CVE-2020-28948

Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.

5.5 2020-11-19 CVE-2020-28941

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.

5.3 2020-11-19 CVE-2020-25703

The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5 and 3.7 to 3.7.8. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, and 3.10.

6.1 2020-11-19 CVE-2020-25702

In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10.

5.3 2020-11-19 CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.

6.5 2020-11-19 CVE-2020-25700

In moodle, some database module web services allowed students to add entries within groups they did not belong to. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.8.6, 3.7.9, 3.5.15, and 3.10.

7.5 2020-11-19 CVE-2020-25699

In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.

7.5 2020-11-19 CVE-2020-25698

Users' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. This could lead to them unenrolling users without having permission to do so. Versions affected: 3.5 to 3.5.14, 3.7 to 3.7.8, 3.8 to 3.8.5, 3.9 to 3.9.2 and earlier unsupported versions. Fixed in 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.

4.4 2020-11-10 CVE-2020-28368

Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.

8.8 2020-11-03 CVE-2020-16009

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-11-03 CVE-2020-16002

Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

5.5 2020-11-03 CVE-2020-15989

Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

8.8 2020-11-03 CVE-2020-15987

Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.

6.5 2020-11-03 CVE-2020-15986

Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
13% (18) CWE-416 Use After Free
7% (10) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
6% (8) CWE-200 Information Exposure
6% (8) CWE-125 Out-of-bounds Read
5% (7) CWE-20 Improper Input Validation
4% (6) CWE-787 Out-of-bounds Write
4% (6) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
3% (5) CWE-269 Improper Privilege Management
3% (5) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
3% (5) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
3% (4) CWE-476 NULL Pointer Dereference
3% (4) CWE-362 Race Condition
2% (3) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (3) CWE-295 Certificate Issues
2% (3) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (3) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
2% (3) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (2) CWE-776 Unrestricted Recursive Entity References in DTDs ('XML Bomb')
1% (2) CWE-755 Improper Handling of Exceptional Conditions
1% (2) CWE-667 Insufficient Locking
1% (2) CWE-502 Deserialization of Untrusted Data
1% (2) CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggli...
1% (2) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (1) CWE-763 Release of Invalid Pointer or Reference
0% (1) CWE-681 Incorrect Conversion between Numeric Types

Snort® IPS/IDS

Date Description
2020-12-08 TRUFFLEHUNTER TALOS-2020-1195 attack attempt
RuleID : 56382 - Type : BROWSER-WEBKIT - Revision : 1
2020-12-08 TRUFFLEHUNTER TALOS-2020-1195 attack attempt
RuleID : 56381 - Type : BROWSER-WEBKIT - Revision : 1
2020-12-08 TRUFFLEHUNTER TALOS-2020-1195 attack attempt
RuleID : 56380 - Type : BROWSER-WEBKIT - Revision : 1
2020-12-08 TRUFFLEHUNTER TALOS-2020-1195 attack attempt
RuleID : 56379 - Type : BROWSER-WEBKIT - Revision : 1
2020-12-10 Microsoft Windows malicious Netlogon NetrServerAuthenticate3 request attempt
RuleID : 56290 - Type : OS-WINDOWS - Revision : 6
2020-12-08 PyYAML Python object serialization attempt
RuleID : 56224 - Type : POLICY-OTHER - Revision : 1
2020-12-08 PyYAML Python object serialization attempt
RuleID : 56223 - Type : POLICY-OTHER - Revision : 1
2020-10-22 Microsoft Windows NetrServerReqChallenge RPC transport sign and seal disablin...
RuleID : 55802 - Type : OS-WINDOWS - Revision : 1
2020-10-20 Microsoft Windows Netlogon crafted NetrServerAuthenticate elevation of privil...
RuleID : 55704 - Type : OS-WINDOWS - Revision : 2
2020-10-20 Microsoft Windows Netlogon crafted NetrServerReqChallenge elevation of privil...
RuleID : 55703 - Type : OS-WINDOWS - Revision : 2
2020-07-07 Apache Tomcat FileStore directory traversal attempt
RuleID : 54162 - Type : SERVER-WEBAPP - Revision : 1

Nessus® Vulnerability Scanner

id Description
2019-01-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2019-1005.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1444.nasl - Type: ACT_GATHER_INFO
2018-12-17 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3050.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1120.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote Debian host is missing a security update.
File: debian_DLA-1560.nasl - Type: ACT_GATHER_INFO