Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-5766

Exploit
  • EPSS 15.27%
  • Published 07.08.2016 10:59:13
  • Last modified 12.04.2025 10:46:40

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based ...

7.8

CVE-2016-6185

Exploit
  • EPSS 0.25%
  • Published 02.08.2016 14:59:02
  • Last modified 12.04.2025 10:46:40

The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.

7.8

CVE-2016-1238

  • EPSS 0.27%
  • Published 02.08.2016 14:59:00
  • Last modified 12.04.2025 10:46:40

(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpa...

9.8

CVE-2016-4610

  • EPSS 3.26%
  • Published 22.07.2016 02:59:34
  • Last modified 12.04.2025 10:46:40

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly ...

9.8

CVE-2016-4609

  • EPSS 5.59%
  • Published 22.07.2016 02:59:32
  • Last modified 12.04.2025 10:46:40

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly ...

9.8

CVE-2016-4608

  • EPSS 5.21%
  • Published 22.07.2016 02:59:31
  • Last modified 12.04.2025 10:46:40

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly ...

9.8

CVE-2016-4607

  • EPSS 4.74%
  • Published 22.07.2016 02:59:30
  • Last modified 12.04.2025 10:46:40

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly ...

5.9

CVE-2016-2775

  • EPSS 34.23%
  • Published 19.07.2016 22:59:00
  • Last modified 12.04.2025 10:46:40

ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight reso...

8.1

CVE-2016-5387

  • EPSS 77.5%
  • Published 19.07.2016 02:00:19
  • Last modified 12.04.2025 10:46:40

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app...

8.1

CVE-2016-5386

  • EPSS 87.62%
  • Published 19.07.2016 02:00:18
  • Last modified 12.04.2025 10:46:40

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which mi...