Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.82%
  • Veröffentlicht 28.07.2022 01:15:16
  • Zuletzt bearbeitet 21.11.2024 07:00:27

Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • EPSS 0.29%
  • Veröffentlicht 26.07.2022 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:08:27

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code ...

  • EPSS 1.22%
  • Veröffentlicht 25.07.2022 23:15:07
  • Zuletzt bearbeitet 21.11.2024 07:10:06

In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking.

  • EPSS 6.44%
  • Veröffentlicht 25.07.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:11:26

The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exp...

  • EPSS 49.1%
  • Veröffentlicht 25.07.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:11:26

The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal...

  • EPSS 0.88%
  • Veröffentlicht 25.07.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:11:26

A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary H...

  • EPSS 0.89%
  • Veröffentlicht 25.07.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:11:26

An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. A remote attacker can create a link that leads to a trusted website, however, when clicked, it redirects the victims to arbitr...

  • EPSS 3.75%
  • Veröffentlicht 25.07.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:11:26

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute...

Exploit
  • EPSS 1.64%
  • Veröffentlicht 25.07.2022 14:15:10
  • Zuletzt bearbeitet 21.11.2024 05:37:35

This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization.

  • EPSS 0.94%
  • Veröffentlicht 25.07.2022 14:15:10
  • Zuletzt bearbeitet 21.11.2024 06:39:09

A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker...