Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  >> 15  Security Vulnerabilities
CVE-2012-1169
Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.
CVSS Score
5.3
EPSS Score
0.01
Published
2019-11-14
CVE-2012-1155
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
CVSS Score
7.5
EPSS Score
0.013
Published
2019-11-14
CVE-2012-1156
Moodle before 2.2.2 has users' private files included in course backups
CVSS Score
7.5
EPSS Score
0.012
Published
2019-11-14
CVE-2012-1168
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.
CVSS Score
8.2
EPSS Score
0.022
Published
2019-11-14
CVE-2010-4661
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-11-13
CVE-2012-0049
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
CVSS Score
4.3
EPSS Score
0.006
Published
2019-11-07
CVE-2019-3882
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.
CVSS Score
4.7
EPSS Score
0.0
Published
2019-04-24
CVE-2019-11234
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
CVSS Score
9.8
EPSS Score
0.173
Published
2019-04-22
CVE-2014-0477
The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address.
CVSS Score
5.0
EPSS Score
0.018
Published
2014-07-03
CVE-2014-3470
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
CVSS Score
4.3
EPSS Score
0.92
Published
2014-06-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved