Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2023-5349

Exploit
  • EPSS 0.05%
  • Veröffentlicht 30.10.2023 21:15:07
  • Zuletzt bearbeitet 21.11.2024 08:41:35

A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.

7.5

CVE-2023-34058

  • EPSS 0.03%
  • Veröffentlicht 27.10.2023 05:15:38
  • Zuletzt bearbeitet 06.03.2025 16:15:41

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a...

7.8

CVE-2023-5367

  • EPSS 0.06%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 04.08.2025 21:15:27

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProp...

4.7

CVE-2023-5380

  • EPSS 0.08%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 21.11.2024 08:41:39

A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a wi...

6.5

CVE-2023-41983

  • EPSS 1.11%
  • Veröffentlicht 25.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:22:02

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.

8.8

CVE-2023-42852

  • EPSS 2.17%
  • Veröffentlicht 25.10.2023 19:15:10
  • Zuletzt bearbeitet 05.05.2025 15:15:53

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

8.8

CVE-2023-5472

  • EPSS 1.46%
  • Veröffentlicht 25.10.2023 18:17:43
  • Zuletzt bearbeitet 01.05.2025 19:15:56

Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2023-31122

  • EPSS 0.43%
  • Veröffentlicht 23.10.2023 07:15:11
  • Zuletzt bearbeitet 01.08.2025 02:03:27

Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.

5.9

CVE-2023-45802

  • EPSS 1.74%
  • Veröffentlicht 23.10.2023 07:15:11
  • Zuletzt bearbeitet 25.08.2025 02:09:55

When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, ...

8.8

CVE-2023-5686

Exploit
  • EPSS 0.08%
  • Veröffentlicht 20.10.2023 17:15:08
  • Zuletzt bearbeitet 21.11.2024 08:42:16

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.