Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2022-21253

  • EPSS 0.36%
  • Veröffentlicht 19.01.2022 12:15:10
  • Zuletzt bearbeitet 21.11.2024 06:44:12

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro...

6.3

CVE-2022-21254

  • EPSS 1.14%
  • Veröffentlicht 19.01.2022 12:15:10
  • Zuletzt bearbeitet 21.11.2024 06:44:12

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple pr...

6.8

CVE-2022-21256

  • EPSS 0.36%
  • Veröffentlicht 19.01.2022 12:15:10
  • Zuletzt bearbeitet 21.11.2024 06:44:13

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v...

4.3

CVE-2022-21673

  • EPSS 0.52%
  • Veröffentlicht 18.01.2022 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:45:12

Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will for...

9.8

CVE-2022-23303

  • EPSS 0.3%
  • Veröffentlicht 17.01.2022 02:15:06
  • Zuletzt bearbeitet 03.11.2025 20:15:52

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.

9.8

CVE-2022-23304

  • EPSS 0.06%
  • Veröffentlicht 17.01.2022 02:15:06
  • Zuletzt bearbeitet 03.11.2025 20:15:52

The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.

4.3

CVE-2022-0238

Exploit
  • EPSS 0.17%
  • Veröffentlicht 16.01.2022 11:15:07
  • Zuletzt bearbeitet 21.11.2024 06:38:12

phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)

7.8

CVE-2021-44537

  • EPSS 1.09%
  • Veröffentlicht 15.01.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:31:11

ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.

7.5

CVE-2022-23094

Exploit
  • EPSS 1.3%
  • Veröffentlicht 15.01.2022 02:15:06
  • Zuletzt bearbeitet 21.11.2024 06:47:58

Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.

5.5

CVE-2021-46019

Exploit
  • EPSS 0.2%
  • Veröffentlicht 14.01.2022 20:15:15
  • Zuletzt bearbeitet 21.11.2024 06:33:28

An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.