Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-2938

  • EPSS 0.03%
  • Veröffentlicht 23.08.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:57

A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.

7.8

CVE-2022-31676

  • EPSS 0.07%
  • Veröffentlicht 23.08.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 07:05:06

VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

6.5

CVE-2022-37428

  • EPSS 0.04%
  • Veröffentlicht 23.08.2022 17:15:15
  • Zuletzt bearbeitet 21.11.2024 07:14:58

PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properti...

7.8

CVE-2022-2946

Exploit
  • EPSS 0.04%
  • Veröffentlicht 23.08.2022 17:15:14
  • Zuletzt bearbeitet 21.11.2024 07:01:58

Use After Free in GitHub repository vim/vim prior to 9.0.0246.

7.5

CVE-2021-3839

  • EPSS 0.13%
  • Veröffentlicht 23.08.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 06:22:36

A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result o...

7.5

CVE-2021-3905

Exploit
  • EPSS 0.14%
  • Veröffentlicht 23.08.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 06:22:44

A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.

7.8

CVE-2021-23177

  • EPSS 0.04%
  • Veröffentlicht 23.08.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 05:51:19

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extrac...

7.8

CVE-2021-31566

  • EPSS 0.03%
  • Veröffentlicht 23.08.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 06:05:55

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger...

6.5

CVE-2021-3670

  • EPSS 2.8%
  • Veröffentlicht 23.08.2022 16:15:09
  • Zuletzt bearbeitet 21.08.2025 17:57:42

MaxQueryDuration not honoured in Samba AD DC LDAP

7.5

CVE-2022-25761

  • EPSS 0.14%
  • Veröffentlicht 23.08.2022 05:15:08
  • Zuletzt bearbeitet 21.11.2024 06:52:57

The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attack...