Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 13.06.2026 02:34:37
  • Zuletzt bearbeitet 29.06.2026 17:48:06

A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory wi...

  • EPSS 0.14%
  • Veröffentlicht 13.06.2026 02:34:35
  • Zuletzt bearbeitet 30.06.2026 03:21:02

A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell pr...

  • EPSS 0.15%
  • Veröffentlicht 01.04.2026 13:54:00
  • Zuletzt bearbeitet 07.04.2026 16:25:48

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can...

  • EPSS 0.18%
  • Veröffentlicht 01.04.2026 13:54:00
  • Zuletzt bearbeitet 30.06.2026 03:19:01

A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration directories can bypass security restrictions. This allows the attacker to run unauthorized code with the same p...

  • EPSS 0.19%
  • Veröffentlicht 14.11.2024 11:15:03
  • Zuletzt bearbeitet 18.11.2024 22:08:54

A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the s...

  • EPSS 0.51%
  • Veröffentlicht 02.08.2024 21:16:30
  • Zuletzt bearbeitet 27.12.2024 16:15:24

A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious ...

Exploit
  • EPSS 0.52%
  • Veröffentlicht 24.06.2024 22:15:10
  • Zuletzt bearbeitet 26.12.2024 16:02:51

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 0.51%
  • Veröffentlicht 24.06.2024 22:15:10
  • Zuletzt bearbeitet 26.12.2024 16:26:46

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 0.55%
  • Veröffentlicht 24.06.2024 22:15:10
  • Zuletzt bearbeitet 26.12.2024 16:26:31

Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 0.52%
  • Veröffentlicht 24.06.2024 22:15:10
  • Zuletzt bearbeitet 26.12.2024 16:26:22

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)