This page lists publicly disclosed CVE vulnerabilities affecting redhat fedora_core (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-6131 | buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files. | [email protected] | 2.1 | 0.07% | 2007-11-26 | 2026-04-23 |
| CVE-2007-2874 | Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are obtained from third party information. | [email protected] | 5.8 | 3.59% | 2007-07-27 | 2026-04-23 |
| CVE-2007-2030 | lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked. | [email protected] | 4.9 | 0.08% | 2007-04-16 | 2026-04-23 |
| CVE-2007-1352 | Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | [email protected] | 3.8 | 1.70% | 2007-04-06 | 2026-04-23 |
| CVE-2006-6235 | A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory. | [email protected] | 10.0 | 8.90% | 2006-12-07 | 2026-04-23 |
| CVE-2006-5701 | Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem. | [email protected] | 4.9 | 0.15% | 2006-11-03 | 2026-04-23 |
| CVE-2006-0745 | X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. | [email protected] | 7.2 | 0.18% | 2006-03-21 | 2026-04-16 |
| CVE-2006-0453 | The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite. | [email protected] | 7.8 | 0.83% | 2006-02-14 | 2026-04-16 |
| CVE-2006-0452 | dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite. | [email protected] | 5.0 | 0.76% | 2006-02-14 | 2026-04-16 |
| CVE-2006-0451 | Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite. | [email protected] | 5.0 | 0.76% | 2006-02-14 | 2026-04-16 |
| CVE-2005-3630 | Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives. | [email protected] | 5.0 | 0.46% | 2005-12-31 | 2026-04-16 |
| CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | [email protected] | 5.0 | 9.17% | 2005-12-31 | 2026-04-16 |
| CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | [email protected] | 10.0 | 11.29% | 2005-12-31 | 2026-04-16 |
| CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | [email protected] | 5.0 | 7.22% | 2005-12-31 | 2026-04-16 |
| CVE-2005-1267 | The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. | [email protected] | 5.0 | 11.27% | 2005-06-10 | 2026-04-16 |
| CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | [email protected] | 7.5 | 6.53% | 2005-04-27 | 2026-04-16 |
| CVE-2005-0085 | Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. | [email protected] | 6.8 | 4.72% | 2005-04-27 | 2026-04-16 |
| CVE-2005-0754 | Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. | [email protected] | 7.5 | 2.28% | 2005-04-22 | 2026-04-16 |
| CVE-2004-1235 | Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. | [email protected] | 6.2 | 0.07% | 2005-04-14 | 2026-04-16 |
| CVE-2005-0750 | The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. | [email protected] | 7.2 | 0.60% | 2005-03-27 | 2026-04-16 |