Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.2

CVE-2020-11987

  • EPSS 0.63%
  • Veröffentlicht 24.02.2021 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:03

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arb...

8.2

CVE-2020-11988

  • EPSS 0.17%
  • Veröffentlicht 24.02.2021 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:03

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying...

7.8

CVE-2020-28599

Exploit
  • EPSS 1.36%
  • Veröffentlicht 24.02.2021 16:15:14
  • Zuletzt bearbeitet 21.11.2024 05:22:59

A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vul...

2.5

CVE-2021-27645

  • EPSS 0.04%
  • Veröffentlicht 24.02.2021 15:15:13
  • Zuletzt bearbeitet 09.06.2025 15:15:25

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the loc...

5.5

CVE-2021-3407

  • EPSS 1.48%
  • Veröffentlicht 23.02.2021 23:15:14
  • Zuletzt bearbeitet 21.11.2024 06:21:25

A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.

7.8

CVE-2021-3410

Exploit
  • EPSS 0.21%
  • Veröffentlicht 23.02.2021 23:15:14
  • Zuletzt bearbeitet 21.11.2024 06:21:26

A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context.

5.5

CVE-2021-26927

Exploit
  • EPSS 0.07%
  • Veröffentlicht 23.02.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:57:03

A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.

6.5

CVE-2021-3405

Exploit
  • EPSS 1.48%
  • Veröffentlicht 23.02.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:25

A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.

7.4

CVE-2021-20247

Exploit
  • EPSS 1.45%
  • Veröffentlicht 23.02.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:46:12

A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access ...

7.1

CVE-2021-26926

Exploit
  • EPSS 0.1%
  • Veröffentlicht 23.02.2021 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:57:03

A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.