Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2024-2004

Exploit
  • EPSS 0.84%
  • Veröffentlicht 27.03.2024 08:15:41
  • Zuletzt bearbeitet 30.07.2025 19:42:14

When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to c...

8.6

CVE-2024-2398

Exploit
  • EPSS 1.96%
  • Veröffentlicht 27.03.2024 08:15:41
  • Zuletzt bearbeitet 30.07.2025 19:42:27

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all...

8.8

CVE-2024-2883

Exploit
  • EPSS 0.2%
  • Veröffentlicht 26.03.2024 21:15:53
  • Zuletzt bearbeitet 14.03.2025 02:15:13

Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8

CVE-2024-2885

Exploit
  • EPSS 0.3%
  • Veröffentlicht 26.03.2024 21:15:53
  • Zuletzt bearbeitet 18.03.2025 16:15:21

Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2024-2886

Exploit
  • EPSS 0.68%
  • Veröffentlicht 26.03.2024 21:15:53
  • Zuletzt bearbeitet 22.03.2025 14:15:14

Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

7.7

CVE-2024-2887

Exploit
  • EPSS 4.74%
  • Veröffentlicht 26.03.2024 21:15:53
  • Zuletzt bearbeitet 28.03.2025 20:15:22

Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2024-2955

Exploit
  • EPSS 0.09%
  • Veröffentlicht 26.03.2024 20:15:11
  • Zuletzt bearbeitet 03.11.2025 22:16:51

T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file

7.3

CVE-2024-29131

  • EPSS 0.2%
  • Veröffentlicht 21.03.2024 09:15:07
  • Zuletzt bearbeitet 01.05.2025 19:13:04

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.

5.4

CVE-2024-29133

  • EPSS 0.68%
  • Veröffentlicht 21.03.2024 09:15:07
  • Zuletzt bearbeitet 01.05.2025 19:12:24

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.

8.8

CVE-2024-2625

  • EPSS 0.68%
  • Veröffentlicht 20.03.2024 17:15:07
  • Zuletzt bearbeitet 21.11.2024 09:10:09

Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)