Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2023-5349

Exploit
  • EPSS 0.05%
  • Published 30.10.2023 21:15:07
  • Last modified 21.11.2024 08:41:35

A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.

7.5

CVE-2023-34058

  • EPSS 0.03%
  • Published 27.10.2023 05:15:38
  • Last modified 06.03.2025 16:15:41

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a...

7.8

CVE-2023-5367

  • EPSS 0.06%
  • Published 25.10.2023 20:15:18
  • Last modified 04.08.2025 21:15:27

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProp...

4.7

CVE-2023-5380

  • EPSS 0.08%
  • Published 25.10.2023 20:15:18
  • Last modified 21.11.2024 08:41:39

A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a wi...

6.5

CVE-2023-41983

  • EPSS 1.11%
  • Published 25.10.2023 19:15:10
  • Last modified 21.11.2024 08:22:02

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.

8.8

CVE-2023-42852

  • EPSS 2.17%
  • Published 25.10.2023 19:15:10
  • Last modified 05.05.2025 15:15:53

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

8.8

CVE-2023-5472

  • EPSS 1.46%
  • Published 25.10.2023 18:17:43
  • Last modified 01.05.2025 19:15:56

Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2023-31122

  • EPSS 0.43%
  • Published 23.10.2023 07:15:11
  • Last modified 01.08.2025 02:03:27

Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.

5.9

CVE-2023-45802

  • EPSS 1.74%
  • Published 23.10.2023 07:15:11
  • Last modified 25.08.2025 02:09:55

When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, ...

8.8

CVE-2023-5686

Exploit
  • EPSS 0.08%
  • Published 20.10.2023 17:15:08
  • Last modified 21.11.2024 08:42:16

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.