Filtered by vendor Fedoraproject
Subscribe
Total
5171 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8568 | 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more | 5 Fedora, Libgit2, Leap and 2 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. | |||||
| CVE-2016-7972 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors. | |||||
| CVE-2016-7970 | 2 Fedoraproject, Libass Project | 2 Fedora, Libass | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2016-7969 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." | |||||
| CVE-2016-7966 | 4 Debian, Fedoraproject, Kde and 1 more | 4 Debian Linux, Fedora, Kmail and 1 more | 2023-11-07 | 7.5 HIGH | 7.3 HIGH |
| Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content. | |||||
| CVE-2016-7953 | 2 Fedoraproject, X.org | 2 Fedora, Libxvmc | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string. | |||||
| CVE-2016-7952 | 2 Fedoraproject, X.org | 2 Fedora, Libxtst | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data. | |||||
| CVE-2016-7951 | 2 Fedoraproject, X | 2 Fedora, Libxtst | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks. | |||||
| CVE-2016-7950 | 2 Fedoraproject, X.org | 2 Fedora, Libxrender | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths. | |||||
| CVE-2016-7949 | 2 Fedoraproject, X.org | 2 Fedora, Libxrender | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields. | |||||
| CVE-2016-7948 | 2 Fedoraproject, X.org | 2 Fedora, Libxrandr | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data. | |||||
| CVE-2016-7947 | 2 Fedoraproject, X.org | 2 Fedora, Libxrandr | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response. | |||||
| CVE-2016-7946 | 2 Fedoraproject, X.org | 2 Fedora, Libxi | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. | |||||
| CVE-2016-7945 | 2 Fedoraproject, X.org | 2 Fedora, Libxi | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields. | |||||
| CVE-2016-7944 | 2 Fedoraproject, X.org | 2 Fedora, Libxfixes | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync. | |||||
| CVE-2016-7943 | 2 Fedoraproject, X.org | 2 Fedora, Libx11 | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations. | |||||
| CVE-2016-7942 | 2 Fedoraproject, X.org | 2 Fedora, Libx11 | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations. | |||||
| CVE-2016-7545 | 3 Fedoraproject, Redhat, Selinux Project | 7 Fedora, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more | 2023-11-07 | 7.2 HIGH | 8.8 HIGH |
| SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | |||||
| CVE-2016-7543 | 2 Fedoraproject, Gnu | 2 Fedora, Bash | 2023-11-07 | 7.2 HIGH | 8.4 HIGH |
| Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. | |||||
| CVE-2016-7405 | 3 Adodb Project, Fedoraproject, Php | 3 Adodb, Fedora, Php | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. | |||||