Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-50010

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.04.2024 17:15:52
  • Zuletzt bearbeitet 09.06.2025 16:15:34

FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.

8

CVE-2023-49501

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.04.2024 17:15:51
  • Zuletzt bearbeitet 03.06.2025 14:03:02

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.

8.8

CVE-2023-49502

Exploit
  • EPSS 0.24%
  • Veröffentlicht 19.04.2024 17:15:51
  • Zuletzt bearbeitet 03.06.2025 14:03:10

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.

4

CVE-2023-50007

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.04.2024 17:15:51
  • Zuletzt bearbeitet 06.06.2025 13:15:23

FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.

7.5

CVE-2024-22640

Exploit
  • EPSS 1.32%
  • Veröffentlicht 19.04.2024 16:15:09
  • Zuletzt bearbeitet 21.05.2025 18:09:01

TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.

7.1

CVE-2023-3758

Exploit
  • EPSS 0.03%
  • Veröffentlicht 18.04.2024 19:15:08
  • Zuletzt bearbeitet 18.06.2025 19:44:10

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

8.4

CVE-2024-32462

  • EPSS 0.21%
  • Veröffentlicht 18.04.2024 18:15:09
  • Zuletzt bearbeitet 21.08.2025 00:43:47

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Norma...

6.1

CVE-2024-27306

  • EPSS 0.75%
  • Veröffentlicht 18.04.2024 15:15:29
  • Zuletzt bearbeitet 21.08.2025 00:45:38

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server (e.g. ng...

8.1

CVE-2023-4233

  • EPSS 0.13%
  • Veröffentlicht 17.04.2024 23:15:07
  • Zuletzt bearbeitet 07.08.2025 13:48:52

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem,...

8.1

CVE-2023-4234

Exploit
  • EPSS 0.13%
  • Veröffentlicht 17.04.2024 23:15:07
  • Zuletzt bearbeitet 07.08.2025 13:49:57

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malic...