Fedoraproject

Fedora

5319 vulnerabilities found.

Note: This list may be incomplete. Data is provided in its original format without warranty.

  • EPSS 0.36%
  • Published 20.01.2021 15:15:45
  • Last modified 21.11.2024 06:02:10

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with net...

  • EPSS 0.52%
  • Published 20.01.2021 15:15:45
  • Last modified 21.11.2024 06:02:10

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via m...

  • EPSS 0.12%
  • Published 19.01.2021 20:15:12
  • Last modified 21.11.2024 05:03:12

SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.

  • EPSS 0.16%
  • Published 19.01.2021 20:15:12
  • Last modified 20.03.2025 17:01:20

SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.

  • EPSS 2.21%
  • Published 19.01.2021 15:15:12
  • Last modified 21.11.2024 06:21:04

rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email me...

  • EPSS 0.39%
  • Published 19.01.2021 07:15:13
  • Last modified 21.11.2024 06:21:04

fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirecto...

Exploit
  • EPSS 0.03%
  • Published 19.01.2021 06:15:12
  • Last modified 21.11.2024 06:21:03

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to ...

Warning
  • EPSS 83.04%
  • Published 18.01.2021 20:15:12
  • Last modified 03.04.2025 19:44:16

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

  • EPSS 0.22%
  • Published 15.01.2021 14:15:14
  • Last modified 21.11.2024 05:27:58

An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority.

Exploit
  • EPSS 0.34%
  • Published 13.01.2021 19:15:16
  • Last modified 21.11.2024 05:19:41

Coturn is a free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.x.x.x`. However, it was observed that when sending ...