Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-1822

  • EPSS 0.62%
  • Published 04.04.2023 22:15:07
  • Last modified 21.11.2024 07:39:58

Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

6.5

CVE-2023-1823

  • EPSS 0.08%
  • Published 04.04.2023 22:15:07
  • Last modified 21.11.2024 07:39:58

Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

5.3

CVE-2023-26916

  • EPSS 0.06%
  • Published 03.04.2023 22:15:07
  • Last modified 18.02.2025 17:15:16

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.

6.3

CVE-2023-1611

  • EPSS 0.01%
  • Published 03.04.2023 22:15:06
  • Last modified 13.02.2025 15:15:13

A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea

7.5

CVE-2022-36440

Exploit
  • EPSS 0.24%
  • Published 03.04.2023 16:15:07
  • Last modified 21.11.2024 07:13:00

A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS.

9.8

CVE-2023-29141

  • EPSS 0.18%
  • Published 31.03.2023 19:15:07
  • Last modified 18.02.2025 16:15:16

An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.

5.3

CVE-2023-28755

  • EPSS 0.45%
  • Published 31.03.2023 04:15:09
  • Last modified 14.02.2025 20:15:32

A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versio...

5.3

CVE-2023-28756

  • EPSS 0.8%
  • Published 31.03.2023 04:15:09
  • Last modified 21.11.2024 07:55:56

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed vers...

7.8

CVE-2023-1393

  • EPSS 0.06%
  • Published 30.03.2023 21:15:06
  • Last modified 29.08.2025 13:42:30

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompSc...

8.8

CVE-2023-27533

Exploit
  • EPSS 0.14%
  • Published 30.03.2023 20:15:07
  • Last modified 21.11.2024 07:53:06

A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing a...