Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.13%
  • Veröffentlicht 21.12.2021 07:15:06
  • Zuletzt bearbeitet 05.06.2026 19:38:32

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.

  • EPSS 0.92%
  • Veröffentlicht 21.12.2021 07:15:06
  • Zuletzt bearbeitet 21.11.2024 06:32:14

In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.

  • EPSS 82.3%
  • Veröffentlicht 20.12.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:30:37

A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix D...

Exploit
  • EPSS 97.11%
  • Veröffentlicht 20.12.2021 12:15:07
  • Zuletzt bearbeitet 01.05.2025 15:38:06

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This...

Exploit
  • EPSS 1.83%
  • Veröffentlicht 19.12.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:36:58

vim is vulnerable to Heap-based Buffer Overflow

Exploit
  • EPSS 1.18%
  • Veröffentlicht 17.12.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:26:19

Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by constr...

  • EPSS 0.57%
  • Veröffentlicht 17.12.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 06:36:42

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

  • EPSS 0.57%
  • Veröffentlicht 17.12.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 06:36:43

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity a...

  • EPSS 0.57%
  • Veröffentlicht 17.12.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 06:36:43

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well a...

  • EPSS 0.57%
  • Veröffentlicht 17.12.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 06:36:43

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as sys...