Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.08%
  • Published 20.05.2021 13:15:07
  • Last modified 21.11.2024 06:21:28

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other u...

  • EPSS 2.38%
  • Published 20.05.2021 13:15:07
  • Last modified 21.11.2024 06:21:38

A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is ...

  • EPSS 3.06%
  • Published 20.05.2021 02:15:07
  • Last modified 21.11.2024 05:47:04

mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors.

  • EPSS 0.04%
  • Published 19.05.2021 14:15:07
  • Last modified 21.11.2024 06:21:27

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from...

  • EPSS 0.04%
  • Published 19.05.2021 14:15:07
  • Last modified 21.11.2024 06:21:32

A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into instal...

  • EPSS 0.09%
  • Published 19.05.2021 14:15:07
  • Last modified 21.11.2024 06:21:44

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-o...

Exploit
  • EPSS 0.11%
  • Published 18.05.2021 15:15:07
  • Last modified 21.11.2024 05:14:08

Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.

  • EPSS 0.25%
  • Published 18.05.2021 12:15:08
  • Last modified 21.11.2024 06:21:44

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, inte...

  • EPSS 0.26%
  • Published 18.05.2021 12:15:08
  • Last modified 21.11.2024 06:21:46

A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system i...

  • EPSS 0.08%
  • Published 17.05.2021 18:15:08
  • Last modified 21.11.2024 06:07:23

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm (quadratic complexity) was found in Exiv2 versions v0.27.3 and earlier. The inefficient algorithm is t...