Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-1227

Exploit
  • EPSS 34.75%
  • Veröffentlicht 29.04.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:40:17

A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' co...

5.3

CVE-2022-29869

  • EPSS 1.25%
  • Veröffentlicht 28.04.2022 01:15:06
  • Zuletzt bearbeitet 21.11.2024 06:59:51

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

7.8

CVE-2022-24735

Exploit
  • EPSS 2.05%
  • Veröffentlicht 27.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:50:58

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially highe...

5.5

CVE-2022-24736

Exploit
  • EPSS 0.34%
  • Veröffentlicht 27.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:50:58

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The ...

5.5

CVE-2022-1507

Exploit
  • EPSS 0.23%
  • Veröffentlicht 27.04.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:40:51

chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Derefere...

7.8

CVE-2022-27239

  • EPSS 0.12%
  • Veröffentlicht 27.04.2022 14:15:09
  • Zuletzt bearbeitet 21.11.2024 06:55:28

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

7.5

CVE-2022-24882

Exploit
  • EPSS 1.11%
  • Veröffentlicht 26.04.2022 16:15:47
  • Zuletzt bearbeitet 03.11.2025 21:15:51

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Serve...

9.8

CVE-2022-24883

  • EPSS 0.76%
  • Veröffentlicht 26.04.2022 16:15:47
  • Zuletzt bearbeitet 03.11.2025 21:15:51

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might be successful for invalid credentials if the server has configured an invalid `SAM` file path. FreeRD...

5.5

CVE-2022-28506

Exploit
  • EPSS 0.07%
  • Veröffentlicht 25.04.2022 13:15:49
  • Zuletzt bearbeitet 21.11.2024 06:57:26

There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.

9.8

CVE-2022-27404

Exploit
  • EPSS 0.13%
  • Veröffentlicht 22.04.2022 14:15:09
  • Zuletzt bearbeitet 21.11.2024 06:55:40

FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.