Fedoraproject

Fedora

5353 vulnerabilities found.

Note: This list may be incomplete. Data is provided in its original format without warranty.
Exploit
  • EPSS 1.13%
  • Published 16.08.2021 08:15:11
  • Last modified 01.05.2025 15:40:12

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

Exploit
  • EPSS 0.03%
  • Published 13.08.2021 14:15:07
  • Last modified 21.11.2024 06:21:52

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way a user calls the ioctl HCIUNBLOCKADDR or otherwise triggers a race condition of the call hci_unregister_dev() together with one of the calls hci_sock_bl...

  • EPSS 0.1%
  • Published 13.08.2021 14:15:07
  • Last modified 21.11.2024 06:22:02

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.

  • EPSS 0.48%
  • Published 13.08.2021 00:15:07
  • Last modified 21.11.2024 06:15:43

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed F...

  • EPSS 0.66%
  • Published 12.08.2021 22:15:07
  • Last modified 21.11.2024 06:05:54

An issue was discovered in the OAuth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.

  • EPSS 1.37%
  • Published 12.08.2021 17:15:08
  • Last modified 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malform...

  • EPSS 0.2%
  • Published 12.08.2021 17:15:08
  • Last modified 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](https://ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to abuse paste functionali...

Exploit
  • EPSS 0.1%
  • Published 12.08.2021 16:15:10
  • Last modified 30.05.2025 19:15:26

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 ...

  • EPSS 0.17%
  • Published 12.08.2021 15:15:07
  • Last modified 21.11.2024 05:46:21

Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to denial of service and potentially code execution via maliciously crafted SPF explanation messages.

  • EPSS 0.83%
  • Published 12.08.2021 02:15:06
  • Last modified 21.11.2024 06:17:36

Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).