Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2020-13576

Exploit
  • EPSS 0.76%
  • Veröffentlicht 10.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:01:32

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

7.5

CVE-2020-13577

Exploit
  • EPSS 0.15%
  • Veröffentlicht 10.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:01:32

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

7.9

CVE-2021-0326

  • EPSS 15.53%
  • Veröffentlicht 10.02.2021 17:15:19
  • Zuletzt bearbeitet 21.11.2024 05:42:31

In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed...

9.8

CVE-2021-27135

  • EPSS 0.87%
  • Veröffentlicht 10.02.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:57:23

xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.

9.8

CVE-2021-26937

Exploit
  • EPSS 4.06%
  • Veröffentlicht 09.02.2021 20:15:14
  • Zuletzt bearbeitet 09.05.2025 20:15:36

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.

8.8

CVE-2021-21148

Warnung
  • EPSS 37.79%
  • Veröffentlicht 09.02.2021 16:15:12
  • Zuletzt bearbeitet 05.02.2025 13:56:56

Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.6

CVE-2021-21142

  • EPSS 0.61%
  • Veröffentlicht 09.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:47:38

Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

8.8

CVE-2021-21143

  • EPSS 0.35%
  • Veröffentlicht 09.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:47:39

Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

8.8

CVE-2021-21144

  • EPSS 0.32%
  • Veröffentlicht 09.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:47:39

Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

8.8

CVE-2021-21145

  • EPSS 0.64%
  • Veröffentlicht 09.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:47:39

Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.