Fedoraproject: >> Fedora >> 15 Security Vulnerabilities
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-02-06
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-12-05
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-19
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-11-15
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
CVSS Score
7.5
EPSS Score
0.005
Published
2019-11-14
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default
CVSS Score
4.3
EPSS Score
0.006
Published
2019-11-14
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export
CVSS Score
4.3
EPSS Score
0.009
Published
2019-11-14
Moodle before 2.2.2: Overview report allows users to see hidden courses
CVSS Score
4.3
EPSS Score
0.009
Published
2019-11-14
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
CVSS Score
2.7
EPSS Score
0.007
Published
2019-11-14
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results
CVSS Score
4.3
EPSS Score
0.009
Published
2019-11-14
Page 1