CVE-2021-4115
- EPSS 0.11%
- Published 21.02.2022 22:15:07
- Last modified 21.11.2024 06:36:55
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the fai...
CVE-2022-0696
- EPSS 0.15%
- Published 21.02.2022 20:15:08
- Last modified 21.11.2024 06:39:12
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
CVE-2021-44141
- EPSS 0.29%
- Published 21.02.2022 18:15:08
- Last modified 21.11.2024 06:30:25
All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has t...
- EPSS 31.01%
- Published 21.02.2022 15:15:07
- Last modified 23.04.2025 19:15:51
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fru...
CVE-2021-45083
- EPSS 0.03%
- Published 20.02.2022 18:15:07
- Last modified 21.11.2024 06:31:54
An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file co...
CVE-2022-0685
- EPSS 0.4%
- Published 20.02.2022 11:15:07
- Last modified 21.11.2024 06:39:10
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
CVE-2021-45082
- EPSS 0.04%
- Published 19.02.2022 00:15:17
- Last modified 21.11.2024 06:31:54
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)
CVE-2022-23645
- EPSS 0.04%
- Published 18.02.2022 21:15:13
- Last modified 21.11.2024 06:49:00
swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize...
CVE-2022-24052
- EPSS 0.09%
- Published 18.02.2022 20:15:18
- Last modified 21.11.2024 06:49:44
MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerabil...
CVE-2022-24048
- EPSS 0.09%
- Published 18.02.2022 20:15:17
- Last modified 21.11.2024 06:49:43
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerabi...