Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-5837

  • EPSS 0.2%
  • Veröffentlicht 11.06.2024 21:15:54
  • Zuletzt bearbeitet 21.11.2024 09:48:26

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-5836

  • EPSS 0.32%
  • Veröffentlicht 11.06.2024 21:15:54
  • Zuletzt bearbeitet 14.03.2025 19:15:48

Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: High)

8.8

CVE-2024-5835

  • EPSS 0.08%
  • Veröffentlicht 11.06.2024 21:15:54
  • Zuletzt bearbeitet 21.11.2024 09:48:26

Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: H...

8.8

CVE-2024-5834

  • EPSS 0.88%
  • Veröffentlicht 11.06.2024 21:15:54
  • Zuletzt bearbeitet 21.11.2024 09:48:25

Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-5833

  • EPSS 0.2%
  • Veröffentlicht 11.06.2024 21:15:54
  • Zuletzt bearbeitet 21.11.2024 09:48:25

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-5832

  • EPSS 0.26%
  • Veröffentlicht 11.06.2024 21:15:54
  • Zuletzt bearbeitet 21.11.2024 09:48:25

Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-5831

  • EPSS 0.29%
  • Veröffentlicht 11.06.2024 21:15:54
  • Zuletzt bearbeitet 21.11.2024 09:48:25

Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-5830

  • EPSS 6.19%
  • Veröffentlicht 11.06.2024 21:15:54
  • Zuletzt bearbeitet 21.11.2024 09:48:25

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-35242

  • EPSS 25.51%
  • Veröffentlicht 10.06.2024 22:15:09
  • Zuletzt bearbeitet 13.02.2025 18:18:05

Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `composer install` command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cl...

8.8

CVE-2024-35241

  • EPSS 0.48%
  • Veröffentlicht 10.06.2024 22:15:09
  • Zuletzt bearbeitet 21.04.2025 16:15:54

Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `status`, `reinstall` and `remove` commands with packages installed from source via git containing specially crafted branch names in the repository ca...