Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.5%
  • Veröffentlicht 19.02.2022 00:15:17
  • Zuletzt bearbeitet 21.11.2024 06:31:54

An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)

  • EPSS 0.4%
  • Veröffentlicht 18.02.2022 21:15:13
  • Zuletzt bearbeitet 21.11.2024 06:49:00

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize...

  • EPSS 0.69%
  • Veröffentlicht 18.02.2022 20:15:18
  • Zuletzt bearbeitet 21.11.2024 06:49:44

MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerabil...

  • EPSS 0.69%
  • Veröffentlicht 18.02.2022 20:15:17
  • Zuletzt bearbeitet 21.11.2024 06:49:43

MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerabi...

  • EPSS 0.64%
  • Veröffentlicht 18.02.2022 20:15:17
  • Zuletzt bearbeitet 21.11.2024 06:49:44

MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The spe...

  • EPSS 0.66%
  • Veröffentlicht 18.02.2022 20:15:17
  • Zuletzt bearbeitet 21.11.2024 06:49:44

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The spec...

Exploit
  • EPSS 2.41%
  • Veröffentlicht 18.02.2022 18:15:11
  • Zuletzt bearbeitet 03.11.2025 22:15:54

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file

Exploit
  • EPSS 0.42%
  • Veröffentlicht 18.02.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 06:36:53

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instru...

  • EPSS 6.85%
  • Veröffentlicht 18.02.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:46:22

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass ...

  • EPSS 3.46%
  • Veröffentlicht 18.02.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:05

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer over...