Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2021-3756

Exploit
  • EPSS 0.33%
  • Veröffentlicht 29.10.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:22:20

libmysofa is vulnerable to Heap-based Buffer Overflow

5.5

CVE-2021-43056

  • EPSS 0.02%
  • Veröffentlicht 28.10.2021 04:15:08
  • Zuletzt bearbeitet 21.11.2024 06:28:36

An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the...

7.8

CVE-2021-3903

Exploit
  • EPSS 0.37%
  • Veröffentlicht 27.10.2021 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:44

vim is vulnerable to Heap-based Buffer Overflow

5.3

CVE-2021-25219

  • EPSS 0.71%
  • Veröffentlicht 27.10.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:54:34

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken ...

6.1

CVE-2021-41182

Exploit
  • EPSS 19.26%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:25:41

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any str...

6.1

CVE-2021-41183

Exploit
  • EPSS 2.86%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:25:42

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The v...

6.1

CVE-2021-41184

  • EPSS 22.09%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 04.11.2025 16:15:43

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string v...

7

CVE-2021-21703

Exploit
  • EPSS 0.13%
  • Veröffentlicht 25.10.2021 06:15:06
  • Zuletzt bearbeitet 21.11.2024 05:48:52

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the c...

5.5

CVE-2021-42715

  • EPSS 0.16%
  • Veröffentlicht 21.10.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:28:01

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb...

7.1

CVE-2021-42716

Exploit
  • EPSS 0.25%
  • Veröffentlicht 21.10.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:28:01

An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potenti...