Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-0808

  • EPSS 0.34%
  • Published 24.01.2024 00:15:07
  • Last modified 30.05.2025 15:15:31

Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)

7.5

CVE-2023-39197

  • EPSS 0.06%
  • Published 23.01.2024 03:15:11
  • Last modified 21.11.2024 08:14:53

An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.

6.1

CVE-2024-22420

  • EPSS 0.45%
  • Published 19.01.2024 21:15:09
  • Last modified 21.11.2024 08:56:15

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. This vulnerability depends on user interaction by opening a malicious Markdown file using JupyterLab preview feature. ...

6.5

CVE-2024-22421

  • EPSS 0.14%
  • Published 19.01.2024 21:15:09
  • Last modified 21.11.2024 08:56:15

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a th...

5.5

CVE-2024-0408

  • EPSS 0.02%
  • Published 18.01.2024 16:15:08
  • Last modified 29.08.2025 13:42:30

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another r...

7.8

CVE-2024-0409

  • EPSS 0.02%
  • Published 18.01.2024 16:15:08
  • Last modified 29.08.2025 13:42:30

A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX contex...

6.6

CVE-2024-0607

  • EPSS 0.02%
  • Published 18.01.2024 16:15:08
  • Last modified 21.11.2024 08:46:59

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of...

9.8

CVE-2023-6816

  • EPSS 3.08%
  • Published 18.01.2024 05:15:08
  • Last modified 29.08.2025 13:42:30

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for th...

8.8

CVE-2024-0517

  • EPSS 69.21%
  • Published 16.01.2024 22:15:37
  • Last modified 22.05.2025 18:15:33

Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-0518

  • EPSS 0.15%
  • Published 16.01.2024 22:15:37
  • Last modified 21.11.2024 08:46:46

Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)