Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-50010

Exploit
  • EPSS 0.03%
  • Published 19.04.2024 17:15:52
  • Last modified 09.06.2025 16:15:34

FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.

8

CVE-2023-49501

Exploit
  • EPSS 0.03%
  • Published 19.04.2024 17:15:51
  • Last modified 03.06.2025 14:03:02

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.

8.8

CVE-2023-49502

Exploit
  • EPSS 0.24%
  • Published 19.04.2024 17:15:51
  • Last modified 03.06.2025 14:03:10

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.

4

CVE-2023-50007

Exploit
  • EPSS 0.03%
  • Published 19.04.2024 17:15:51
  • Last modified 06.06.2025 13:15:23

FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.

7.5

CVE-2024-22640

Exploit
  • EPSS 1.32%
  • Published 19.04.2024 16:15:09
  • Last modified 21.05.2025 18:09:01

TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.

7.1

CVE-2023-3758

Exploit
  • EPSS 0.03%
  • Published 18.04.2024 19:15:08
  • Last modified 18.06.2025 19:44:10

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

8.4

CVE-2024-32462

  • EPSS 0.21%
  • Published 18.04.2024 18:15:09
  • Last modified 21.08.2025 00:43:47

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Norma...

6.1

CVE-2024-27306

  • EPSS 0.75%
  • Published 18.04.2024 15:15:29
  • Last modified 21.08.2025 00:45:38

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server (e.g. ng...

8.1

CVE-2023-4233

  • EPSS 0.13%
  • Published 17.04.2024 23:15:07
  • Last modified 07.08.2025 13:48:52

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem,...

8.1

CVE-2023-4234

Exploit
  • EPSS 0.13%
  • Published 17.04.2024 23:15:07
  • Last modified 07.08.2025 13:49:57

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malic...