Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6

CVE-2021-3607

  • EPSS 0.17%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:57

An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a ...

6

CVE-2021-3608

  • EPSS 0.13%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:58

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due ...

7.5

CVE-2021-3610

  • EPSS 0.14%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:58

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation faul...

6.4

CVE-2021-3700

  • EPSS 0.04%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:11

A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or bl...

7.8

CVE-2022-0546

  • EPSS 0.39%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:38:53

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution.

8.8

CVE-2022-24407

  • EPSS 0.76%
  • Veröffentlicht 24.02.2022 15:15:29
  • Zuletzt bearbeitet 21.11.2024 06:50:21

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.

6.5

CVE-2022-24599

Exploit
  • EPSS 0.26%
  • Veröffentlicht 24.02.2022 15:15:29
  • Zuletzt bearbeitet 03.11.2025 20:15:53

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring functio...

7.8

CVE-2019-25058

Exploit
  • EPSS 0.03%
  • Veröffentlicht 24.02.2022 15:15:21
  • Zuletzt bearbeitet 21.11.2024 04:39:51

An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.

7.5

CVE-2021-25636

  • EPSS 0.2%
  • Veröffentlicht 24.02.2022 15:15:21
  • Zuletzt bearbeitet 21.11.2024 05:55:11

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulner...

5.5

CVE-2022-0695

Exploit
  • EPSS 0.32%
  • Veröffentlicht 24.02.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:39:12

Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.