Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.17%
  • Veröffentlicht 12.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:37:55

Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Exploit
  • EPSS 1.33%
  • Veröffentlicht 12.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:37:55

Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.

Exploit
  • EPSS 1.08%
  • Veröffentlicht 12.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:37:55

Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

Exploit
  • EPSS 0.79%
  • Veröffentlicht 12.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:37:55

Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page.

Exploit
  • EPSS 1.11%
  • Veröffentlicht 12.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:37:55

Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL.

Exploit
  • EPSS 0.86%
  • Veröffentlicht 12.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:37:56

Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Exploit
  • EPSS 1.31%
  • Veröffentlicht 12.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:37:56

Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver.

Exploit
  • EPSS 1.5%
  • Veröffentlicht 12.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:37:56

Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • EPSS 2.12%
  • Veröffentlicht 11.02.2022 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:48:58

Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `puma` may not always call `close` on the response body. Rails, prior to version `7.0.2.2`, depended on the response body being closed in order for its `CurrentAtt...

Exploit
  • EPSS 1.25%
  • Veröffentlicht 11.02.2022 18:15:11
  • Zuletzt bearbeitet 21.11.2024 06:38:55

Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, t...