Filtered by vendor Fedoraproject
Subscriptions
Total
5403 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-13747 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2025-04-20 | 7.5 High |
| There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. | ||||
| CVE-2017-16876 | 2 Fedoraproject, Mistune Project | 2 Fedora, Mistune | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument. | ||||
| CVE-2016-9446 | 3 Fedoraproject, Gstreamer Project, Redhat | 9 Fedora, Gstreamer, Enterprise Linux and 6 more | 2025-04-20 | 7.5 High |
| The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas. | ||||
| CVE-2016-8691 | 4 Debian, Fedoraproject, Jasper Project and 1 more | 4 Debian Linux, Fedora, Jasper and 1 more | 2025-04-20 | N/A |
| The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command. | ||||
| CVE-2016-9108 | 2 Artifex, Fedoraproject | 2 Mujs, Fedora | 2025-04-20 | 7.5 High |
| Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression. | ||||
| CVE-2016-9397 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2025-04-20 | 7.5 High |
| The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. | ||||
| CVE-2016-9956 | 3 Debian, Fedoraproject, Flightgear | 3 Debian Linux, Fedora, Flightgear | 2025-04-20 | N/A |
| The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. | ||||
| CVE-2016-7969 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2025-04-20 | 7.5 High |
| The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." | ||||
| CVE-2016-8568 | 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more | 5 Fedora, Libgit2, Leap and 2 more | 2025-04-20 | N/A |
| The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. | ||||
| CVE-2015-5195 | 5 Canonical, Debian, Fedoraproject and 2 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2025-04-20 | N/A |
| ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. | ||||
| CVE-2016-8569 | 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more | 5 Fedora, Libgit2, Leap and 2 more | 2025-04-20 | N/A |
| The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. | ||||
| CVE-2016-9961 | 5 Fedoraproject, Game-music-emu Project, Novell and 2 more | 7 Fedora, Game-music-emu, Suse Linux Enterprise Desktop and 4 more | 2025-04-20 | N/A |
| game-music-emu before 0.6.1 mishandles unspecified integer values. | ||||
| CVE-2017-6314 | 3 Debian, Fedoraproject, Gnome | 3 Debian Linux, Fedora, Gdk-pixbuf | 2025-04-20 | 5.5 Medium |
| The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file. | ||||
| CVE-2016-6233 | 2 Fedoraproject, Zend | 2 Fedora, Zend Framework | 2025-04-20 | N/A |
| The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern [\w]* in a regular expression. | ||||
| CVE-2016-4797 | 2 Fedoraproject, Uclouvain | 2 Fedora, Openjpeg | 2025-04-20 | N/A |
| Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947. | ||||
| CVE-2016-5177 | 5 Debian, Fedoraproject, Google and 2 more | 8 Debian Linux, Fedora, Chrome and 5 more | 2025-04-20 | N/A |
| Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2016-6299 | 2 Fedoraproject, Mock Project | 2 Fedora, Scm Plugin | 2025-04-20 | N/A |
| The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. | ||||
| CVE-2015-5203 | 5 Fedoraproject, Jasper Project, Opensuse and 2 more | 6 Fedora, Jasper, Leap and 3 more | 2025-04-20 | N/A |
| Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. | ||||
| CVE-2017-6313 | 3 Debian, Fedoraproject, Gnome | 3 Debian Linux, Fedora, Gdk-pixbuf | 2025-04-20 | 7.1 High |
| Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file. | ||||
| CVE-2015-5221 | 5 Fedoraproject, Jasper Project, Opensuse and 2 more | 6 Fedora, Jasper, Leap and 3 more | 2025-04-20 | N/A |
| Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. | ||||