Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.3%
  • Veröffentlicht 22.08.2022 15:15:15
  • Zuletzt bearbeitet 21.11.2024 07:01:51

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to cra...

  • EPSS 0.26%
  • Veröffentlicht 22.08.2022 15:15:13
  • Zuletzt bearbeitet 21.11.2024 06:22:05

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerabili...

Exploit
  • EPSS 0.5%
  • Veröffentlicht 19.08.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:52

Use After Free in GitHub repository vim/vim prior to 9.0.0225.

Exploit
  • EPSS 0.4%
  • Veröffentlicht 18.08.2022 20:15:11
  • Zuletzt bearbeitet 21.11.2024 07:14:20

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.

Exploit
  • EPSS 0.4%
  • Veröffentlicht 18.08.2022 20:15:11
  • Zuletzt bearbeitet 21.11.2024 07:14:20

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.

Exploit
  • EPSS 0.4%
  • Veröffentlicht 18.08.2022 20:15:11
  • Zuletzt bearbeitet 21.11.2024 07:14:21

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942.

  • EPSS 1.52%
  • Veröffentlicht 18.08.2022 19:15:14
  • Zuletzt bearbeitet 21.11.2024 07:01:23

A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the abilit...

  • EPSS 0.3%
  • Veröffentlicht 17.08.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:50

libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or i...

  • EPSS 0.3%
  • Veröffentlicht 17.08.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:50

libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.

  • EPSS 0.3%
  • Veröffentlicht 17.08.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:50

libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into op...