Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2022-24806

  • EPSS 0.14%
  • Veröffentlicht 16.04.2024 20:15:08
  • Zuletzt bearbeitet 17.01.2025 16:09:56

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subag...

6.5

CVE-2022-24807

  • EPSS 0.5%
  • Veröffentlicht 16.04.2024 20:15:08
  • Zuletzt bearbeitet 17.01.2025 16:15:01

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-writ...

6.5

CVE-2022-24808

  • EPSS 0.2%
  • Veröffentlicht 16.04.2024 20:15:08
  • Zuletzt bearbeitet 17.01.2025 16:16:28

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a `SET` request to `NET-SNMP-AGENT-MIB::nsLogTable` to cause a NULL pointer dere...

8.8

CVE-2022-24805

  • EPSS 0.48%
  • Veröffentlicht 16.04.2024 20:15:07
  • Zuletzt bearbeitet 17.01.2025 16:04:56

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read...

5.9

CVE-2024-31497

Medienbericht
  • EPSS 14.7%
  • Veröffentlicht 15.04.2024 20:15:11
  • Zuletzt bearbeitet 27.03.2025 15:15:51

In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is abl...

8

CVE-2023-49528

Exploit
  • EPSS 0.06%
  • Veröffentlicht 12.04.2024 06:15:06
  • Zuletzt bearbeitet 03.06.2025 11:00:35

Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.

7

CVE-2023-29483

Exploit
  • EPSS 4.86%
  • Veröffentlicht 11.04.2024 14:15:12
  • Zuletzt bearbeitet 17.06.2025 20:50:56

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspyth...

9.6

CVE-2024-3157

Exploit
  • EPSS 0.81%
  • Veröffentlicht 10.04.2024 19:15:49
  • Zuletzt bearbeitet 27.03.2025 16:15:26

Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)

6.5

CVE-2024-3515

Exploit
  • EPSS 0.18%
  • Veröffentlicht 10.04.2024 19:15:49
  • Zuletzt bearbeitet 19.12.2024 16:19:23

Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

6.5

CVE-2024-3516

Exploit
  • EPSS 0.46%
  • Veröffentlicht 10.04.2024 19:15:49
  • Zuletzt bearbeitet 13.03.2025 18:15:41

Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)