Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2%
  • Veröffentlicht 04.06.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:04:04

Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Exploit
  • EPSS 1.11%
  • Veröffentlicht 04.06.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:04:04

Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

Exploit
  • EPSS 1.2%
  • Veröffentlicht 04.06.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:04:04

Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • EPSS 1.33%
  • Veröffentlicht 04.06.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:59:04

Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.

  • EPSS 2.22%
  • Veröffentlicht 04.06.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:03:59

aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow.

  • EPSS 1.33%
  • Veröffentlicht 04.06.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:51

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat f...

  • EPSS 4.21%
  • Veröffentlicht 02.06.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:07:24

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and pot...

  • EPSS 2.88%
  • Veröffentlicht 02.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:54:40

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

  • EPSS 2.34%
  • Veröffentlicht 02.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:54:41

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i.

  • EPSS 2.45%
  • Veröffentlicht 02.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:05

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.