Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2020-24614

  • EPSS 6.4%
  • Published 25.08.2020 14:15:16
  • Last modified 21.11.2024 05:15:09

Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.

7.5

CVE-2020-24606

  • EPSS 6.34%
  • Published 24.08.2020 18:15:10
  • Last modified 21.11.2024 05:15:08

Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digest...

6

CVE-2020-14367

  • EPSS 0.26%
  • Published 24.08.2020 15:15:13
  • Last modified 21.11.2024 05:03:06

A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check fo...

6.5

CVE-2020-8622

  • EPSS 0.6%
  • Published 21.08.2020 21:15:12
  • Last modified 21.11.2024 05:39:08

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed re...

7.5

CVE-2020-8623

  • EPSS 5.63%
  • Published 21.08.2020 21:15:12
  • Last modified 21.11.2024 05:39:08

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To ...

4.3

CVE-2020-8624

  • EPSS 1.95%
  • Published 21.08.2020 21:15:12
  • Last modified 21.11.2024 05:39:08

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to ch...

7.5

CVE-2020-1597

  • EPSS 8.49%
  • Published 17.08.2020 19:15:21
  • Last modified 21.11.2024 05:10:55

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be ex...

9.3

CVE-2020-1472

Warning Exploit
  • EPSS 94.43%
  • Published 17.08.2020 19:15:15
  • Last modified 07.03.2025 14:57:32

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability...

5.3

CVE-2020-24370

Exploit
  • EPSS 2.02%
  • Published 17.08.2020 17:15:13
  • Last modified 05.05.2025 14:12:47

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

7.8

CVE-2020-24342

Exploit
  • EPSS 0.23%
  • Published 13.08.2020 19:15:13
  • Last modified 21.11.2024 05:14:37

Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.