Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2016-4008

  • EPSS 5.05%
  • Published 05.05.2016 18:59:10
  • Last modified 12.04.2025 10:46:40

The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.

9.8

CVE-2016-4002

  • EPSS 9.18%
  • Published 26.04.2016 14:59:04
  • Last modified 12.04.2025 10:46:40

Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitra...

9.8

CVE-2016-3074

Exploit
  • EPSS 52.52%
  • Published 26.04.2016 14:59:01
  • Last modified 12.04.2025 10:46:40

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflo...

9.8

CVE-2015-8779

  • EPSS 7.63%
  • Published 19.04.2016 21:59:05
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

9.1

CVE-2015-8776

  • EPSS 6.32%
  • Published 19.04.2016 21:59:04
  • Last modified 12.04.2025 10:46:40

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

9.8

CVE-2015-8778

  • EPSS 7.73%
  • Published 19.04.2016 21:59:04
  • Last modified 12.04.2025 10:46:40

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which tri...

9.8

CVE-2014-9761

  • EPSS 3.82%
  • Published 19.04.2016 21:59:00
  • Last modified 12.04.2025 10:46:40

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) ...

8.8

CVE-2016-3960

  • EPSS 0.08%
  • Published 19.04.2016 14:59:03
  • Last modified 12.04.2025 10:46:40

Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.

7.5

CVE-2016-3071

  • EPSS 0.97%
  • Published 18.04.2016 14:59:02
  • Last modified 12.04.2025 10:46:40

Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.

9.3

CVE-2015-8106

  • EPSS 0.84%
  • Published 18.04.2016 14:59:01
  • Last modified 12.04.2025 10:46:40

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file.