Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-28705

  • EPSS 0.12%
  • Veröffentlicht 24.11.2021 02:15:06
  • Zuletzt bearbeitet 21.11.2024 06:00:10

issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mod...

7.8

CVE-2021-28709

  • EPSS 0.09%
  • Veröffentlicht 24.11.2021 02:15:06
  • Zuletzt bearbeitet 21.11.2024 06:00:11

issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mod...

8.8

CVE-2021-28704

  • EPSS 0.09%
  • Veröffentlicht 24.11.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:10

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a wa...

8.6

CVE-2021-28706

  • EPSS 0.16%
  • Veröffentlicht 24.11.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:11

guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calcula...

8.8

CVE-2021-28707

  • EPSS 0.09%
  • Veröffentlicht 24.11.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:11

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a wa...

8.8

CVE-2021-28708

  • EPSS 0.09%
  • Veröffentlicht 24.11.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:11

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a wa...

8.8

CVE-2021-37997

  • EPSS 0.99%
  • Veröffentlicht 23.11.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:16:13

Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2021-37998

  • EPSS 1.19%
  • Veröffentlicht 23.11.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:16:13

Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.1

CVE-2021-37999

Exploit
  • EPSS 0.54%
  • Veröffentlicht 23.11.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:16:14

Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.

6.1

CVE-2021-38000

Warnung Exploit
  • EPSS 2.51%
  • Veröffentlicht 23.11.2021 22:15:07
  • Zuletzt bearbeitet 24.10.2025 13:55:42

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.