Total
5262 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1168 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. | |||||
| CVE-2012-1161 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results | |||||
| CVE-2012-1160 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php | |||||
| CVE-2012-1159 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Moodle before 2.2.2: Overview report allows users to see hidden courses | |||||
| CVE-2012-1158 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export | |||||
| CVE-2012-1157 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default | |||||
| CVE-2012-1156 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Moodle before 2.2.2 has users' private files included in course backups | |||||
| CVE-2012-1155 | 4 Debian, Fedoraproject, Moodle and 1 more | 4 Debian Linux, Fedora, Moodle and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to | |||||
| CVE-2012-1115 | 3 Debian, Fedoraproject, Ldap-account-manager | 3 Debian Linux, Fedora, Ldap Account Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. | |||||
| CVE-2012-1114 | 3 Debian, Fedoraproject, Ldap-account-manager | 3 Debian Linux, Fedora, Ldap Account Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php. | |||||
| CVE-2012-1105 | 3 Apereo, Debian, Fedoraproject | 3 Phpcas, Debian Linux, Fedora | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner. | |||||
| CVE-2012-0049 | 3 Debian, Fedoraproject, Openttd | 3 Debian Linux, Fedora, Openttd | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. | |||||
| CVE-2011-4088 | 3 Abrt Project, Fedoraproject, Redhat | 5 Abrt, Fedora, Enterprise Linux Desktop and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ABRT might allow attackers to obtain sensitive information from crash reports. | |||||
| CVE-2011-2924 | 3 Debian, Fedoraproject, Linuxfoundation | 3 Debian Linux, Fedora, Foomatic-filters | 2024-11-21 | 3.3 LOW | 5.5 MEDIUM |
| foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | |||||
| CVE-2011-2726 | 4 Debian, Drupal, Fedoraproject and 1 more | 4 Debian Linux, Drupal, Fedora and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL. | |||||
| CVE-2010-5304 | 2 Fedoraproject, Libvncserver Project | 2 Fedora, Libvncserver | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client. | |||||
| CVE-2010-4661 | 5 Debian, Fedoraproject, Opensuse and 2 more | 5 Debian Linux, Fedora, Opensuse and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. | |||||
| CVE-2010-4178 | 2 Fedoraproject, Oracle | 2 Fedora, Mysql-gui-tools | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console | |||||
| CVE-2010-4177 | 2 Fedoraproject, Oracle | 2 Fedora, Mysql-gui-tools | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes. | |||||
| CVE-2010-3439 | 3 Cor-entertainment, Debian, Fedoraproject | 3 Alien-arena, Debian Linux, Fedora | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command. | |||||