Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  >> 22  Security Vulnerabilities
CVE-2015-5219
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
CVSS Score
7.5
EPSS Score
0.036
Published
2017-07-21
CVE-2015-5300
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
CVSS Score
7.5
EPSS Score
0.178
Published
2017-07-21
CVE-2016-2173
org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.213
Published
2017-04-21
CVE-2016-0720
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.
CVSS Score
8.8
EPSS Score
0.004
Published
2017-04-21
CVE-2016-0721
Session fixation vulnerability in pcsd in pcs before 0.9.157.
CVSS Score
8.1
EPSS Score
0.004
Published
2017-04-21
CVE-2015-8567
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVSS Score
7.7
EPSS Score
0.048
Published
2017-04-13
CVE-2015-4645
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-17
CVE-2015-7977
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
CVSS Score
5.9
EPSS Score
0.116
Published
2017-01-30
CVE-2016-2312
Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
CVSS Score
6.8
EPSS Score
0.001
Published
2016-12-23
CVE-2015-2080
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
CVSS Score
7.5
EPSS Score
0.921
Published
2016-10-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved