Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.63%
  • Veröffentlicht 02.05.2024 18:15:07
  • Zuletzt bearbeitet 19.09.2025 13:37:32

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password may authenticate to the application and perform sensitive actions w...

Exploit
  • EPSS 0.46%
  • Veröffentlicht 02.05.2024 18:15:07
  • Zuletzt bearbeitet 19.09.2025 13:27:28

pgAdmin <= 8.5 is affected by XSS vulnerability in /settings/store API response json payload. This vulnerability allows attackers to execute malicious script at the client end.

Exploit
  • EPSS 1.41%
  • Veröffentlicht 01.05.2024 16:15:07
  • Zuletzt bearbeitet 04.11.2025 18:15:42

A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

  • EPSS 8.88%
  • Veröffentlicht 01.05.2024 13:15:52
  • Zuletzt bearbeitet 04.11.2025 18:16:41

Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Exploit
  • EPSS 0.9%
  • Veröffentlicht 01.05.2024 13:15:52
  • Zuletzt bearbeitet 04.11.2025 18:16:41

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 1%
  • Veröffentlicht 01.05.2024 13:15:52
  • Zuletzt bearbeitet 04.11.2025 18:16:42

Use after free in Dawn in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 1.23%
  • Veröffentlicht 01.05.2024 13:15:52
  • Zuletzt bearbeitet 20.12.2024 17:22:46

Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 1.06%
  • Veröffentlicht 01.05.2024 13:15:52
  • Zuletzt bearbeitet 13.03.2025 20:15:23

Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • EPSS 0.18%
  • Veröffentlicht 01.05.2024 06:15:20
  • Zuletzt bearbeitet 04.11.2025 18:16:11

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, whic...

  • EPSS 0.23%
  • Veröffentlicht 01.05.2024 06:15:20
  • Zuletzt bearbeitet 04.11.2025 18:16:11

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header ...