Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2021-37980

  • EPSS 0.31%
  • Veröffentlicht 02.11.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:16:11

Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.

8.3

CVE-2021-42574

Exploit
  • EPSS 25.54%
  • Veröffentlicht 01.11.2021 04:15:07
  • Zuletzt bearbeitet 21.11.2024 06:27:50

An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logic...

9.8

CVE-2021-3756

Exploit
  • EPSS 0.33%
  • Veröffentlicht 29.10.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:22:20

libmysofa is vulnerable to Heap-based Buffer Overflow

5.5

CVE-2021-43056

  • EPSS 0.02%
  • Veröffentlicht 28.10.2021 04:15:08
  • Zuletzt bearbeitet 21.11.2024 06:28:36

An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the...

7.8

CVE-2021-3903

Exploit
  • EPSS 0.32%
  • Veröffentlicht 27.10.2021 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:44

vim is vulnerable to Heap-based Buffer Overflow

5.3

CVE-2021-25219

  • EPSS 0.71%
  • Veröffentlicht 27.10.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:54:34

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken ...

6.1

CVE-2021-41182

Exploit
  • EPSS 19.26%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:25:41

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any str...

6.1

CVE-2021-41183

Exploit
  • EPSS 2.86%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:25:42

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The v...

6.1

CVE-2021-41184

  • EPSS 22.09%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 04.11.2025 16:15:43

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string v...

7

CVE-2021-21703

Exploit
  • EPSS 0.13%
  • Veröffentlicht 25.10.2021 06:15:06
  • Zuletzt bearbeitet 21.11.2024 05:48:52

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the c...