Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.29%
  • Veröffentlicht 26.09.2022 14:15:11
  • Zuletzt bearbeitet 05.05.2025 16:15:19

A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameserv...

Exploit
  • EPSS 1.98%
  • Veröffentlicht 26.09.2022 05:15:10
  • Zuletzt bearbeitet 21.11.2024 06:45:27

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.

Exploit
  • EPSS 0.5%
  • Veröffentlicht 25.09.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 07:19:14

Use After Free in GitHub repository vim/vim prior to 9.0.0579.

Exploit
  • EPSS 0.53%
  • Veröffentlicht 25.09.2022 17:15:09
  • Zuletzt bearbeitet 21.11.2024 07:19:14

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.

Exploit
  • EPSS 0.82%
  • Veröffentlicht 23.09.2022 22:15:09
  • Zuletzt bearbeitet 21.11.2024 07:19:12

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.

Exploit
  • EPSS 8.34%
  • Veröffentlicht 23.09.2022 18:15:10
  • Zuletzt bearbeitet 27.05.2025 15:15:26

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to er...

  • EPSS 1.52%
  • Veröffentlicht 23.09.2022 16:15:11
  • Zuletzt bearbeitet 27.05.2025 15:15:28

Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.

Exploit
  • EPSS 0.48%
  • Veröffentlicht 23.09.2022 05:15:08
  • Zuletzt bearbeitet 01.06.2025 11:15:19

In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup.

  • EPSS 2.9%
  • Veröffentlicht 23.09.2022 04:15:11
  • Zuletzt bearbeitet 21.11.2024 07:12:02

Redis is an in-memory database that persists on disk. Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an `XAUTOCLAIM` command on a stream key in a specific state, with a specially crafted `COUNT` argument may...

  • EPSS 1.19%
  • Veröffentlicht 22.09.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:41:47

A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and ...