Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-33204

  • EPSS 0.03%
  • Veröffentlicht 18.05.2023 08:15:08
  • Zuletzt bearbeitet 22.01.2025 15:15:09

sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.

5.5

CVE-2023-2731

Exploit
  • EPSS 0.01%
  • Veröffentlicht 17.05.2023 22:15:11
  • Zuletzt bearbeitet 22.01.2025 19:15:09

A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TI...

8.8

CVE-2023-24805

Exploit
  • EPSS 8.85%
  • Veröffentlicht 17.05.2023 18:15:09
  • Zuletzt bearbeitet 21.11.2024 07:48:25

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vul...

8.8

CVE-2023-2721

  • EPSS 0.23%
  • Veröffentlicht 16.05.2023 19:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:35

Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8

CVE-2023-2722

  • EPSS 0.31%
  • Veröffentlicht 16.05.2023 19:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:35

Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-2723

  • EPSS 16.46%
  • Veröffentlicht 16.05.2023 19:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:36

Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-2724

  • EPSS 12.75%
  • Veröffentlicht 16.05.2023 19:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:36

Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-2725

  • EPSS 11.27%
  • Veröffentlicht 16.05.2023 19:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:36

Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-2726

  • EPSS 0.03%
  • Veröffentlicht 16.05.2023 19:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:36

Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium)

5.5

CVE-2023-2700

  • EPSS 0.03%
  • Veröffentlicht 15.05.2023 22:15:12
  • Zuletzt bearbeitet 28.01.2025 17:15:14

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autopt...