Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-42010

Exploit
  • EPSS 0.06%
  • Veröffentlicht 10.10.2022 00:15:09
  • Zuletzt bearbeitet 09.06.2025 15:15:27

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid typ...

6.5

CVE-2022-42011

Exploit
  • EPSS 0.11%
  • Veröffentlicht 10.10.2022 00:15:09
  • Zuletzt bearbeitet 09.06.2025 15:15:28

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is...

6.5

CVE-2022-42012

Exploit
  • EPSS 0.11%
  • Veröffentlicht 10.10.2022 00:15:09
  • Zuletzt bearbeitet 09.06.2025 15:15:28

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descripto...

4.3

CVE-2022-3435

  • EPSS 0.06%
  • Veröffentlicht 08.10.2022 11:15:10
  • Zuletzt bearbeitet 21.11.2024 07:19:30

A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initi...

9.8

CVE-2022-3275

  • EPSS 1.65%
  • Veröffentlicht 07.10.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:19:11

Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of...

6.5

CVE-2022-2929

  • EPSS 0.03%
  • Veröffentlicht 07.10.2022 05:15:11
  • Zuletzt bearbeitet 21.11.2024 07:01:56

In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.

6.5

CVE-2022-2928

  • EPSS 0.03%
  • Veröffentlicht 07.10.2022 05:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:56

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() t...

7.5

CVE-2022-41556

Exploit
  • EPSS 0.39%
  • Veröffentlicht 06.10.2022 18:17:03
  • Zuletzt bearbeitet 21.11.2024 07:23:23

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked...

7.1

CVE-2022-40313

  • EPSS 0.75%
  • Veröffentlicht 30.09.2022 17:15:13
  • Zuletzt bearbeitet 20.05.2025 19:15:47

Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.

9.8

CVE-2022-40315

  • EPSS 0.65%
  • Veröffentlicht 30.09.2022 17:15:13
  • Zuletzt bearbeitet 20.05.2025 17:15:45

A limited SQL injection risk was identified in the "browse list of users" site administration page.