Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-9399

  • EPSS 2.14%
  • Published 23.03.2017 18:59:01
  • Last modified 20.04.2025 01:37:25

The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

5.5

CVE-2016-8887

  • EPSS 0.22%
  • Published 23.03.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).

7.5

CVE-2016-9397

  • EPSS 1.8%
  • Published 23.03.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

5.9

CVE-2016-6225

  • EPSS 0.5%
  • Published 23.03.2017 16:59:00
  • Last modified 20.04.2025 01:37:25

xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files v...

5.5

CVE-2015-4645

  • EPSS 0.21%
  • Published 17.03.2017 14:59:00
  • Last modified 20.04.2025 01:37:25

Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.

5.5

CVE-2017-5849

Exploit
  • EPSS 0.23%
  • Published 15.03.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and heigh...

6.1

CVE-2016-7103

Exploit
  • EPSS 1.38%
  • Published 15.03.2017 16:59:00
  • Last modified 20.04.2025 01:37:25

Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.

7.5

CVE-2017-6311

Exploit
  • EPSS 1.05%
  • Published 10.03.2017 02:59:00
  • Last modified 20.04.2025 01:37:25

gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.

5.5

CVE-2017-6312

Exploit
  • EPSS 0.31%
  • Published 10.03.2017 02:59:00
  • Last modified 20.04.2025 01:37:25

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to co...

7.1

CVE-2017-6313

Exploit
  • EPSS 0.33%
  • Published 10.03.2017 02:59:00
  • Last modified 20.04.2025 01:37:25

Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.