Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2023-41359

  • EPSS 0.25%
  • Veröffentlicht 29.08.2023 04:15:16
  • Zuletzt bearbeitet 21.11.2024 08:21:08

An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.

9.1

CVE-2023-41360

  • EPSS 0.24%
  • Veröffentlicht 29.08.2023 04:15:16
  • Zuletzt bearbeitet 21.11.2024 08:21:09

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.

5.3

CVE-2023-40587

  • EPSS 0.45%
  • Veröffentlicht 25.08.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:19:46

Pyramid is an open source Python web framework. A path traversal vulnerability in Pyramid versions 2.0.0 and 2.0.1 impacts users of Python 3.11 that are using a Pyramid static view with a full filesystem path and have a `index.html` file that is loca...

6.5

CVE-2023-38201

  • EPSS 0.02%
  • Veröffentlicht 25.08.2023 17:15:08
  • Zuletzt bearbeitet 21.11.2024 08:13:04

A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake age...

7.8

CVE-2023-3899

  • EPSS 0.03%
  • Veröffentlicht 23.08.2023 11:15:07
  • Zuletzt bearbeitet 21.11.2024 08:18:19

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the reg...

8.1

CVE-2023-4427

  • EPSS 79.34%
  • Veröffentlicht 23.08.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:35:07

Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1

CVE-2023-4428

  • EPSS 8.92%
  • Veröffentlicht 23.08.2023 00:15:09
  • Zuletzt bearbeitet 01.07.2025 14:15:30

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-4429

  • EPSS 0.47%
  • Veröffentlicht 23.08.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:35:07

Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-4430

  • EPSS 13.15%
  • Veröffentlicht 23.08.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:35:08

Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.1

CVE-2023-4431

  • EPSS 0.15%
  • Veröffentlicht 23.08.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:35:08

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)