Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-33200

  • EPSS 0.03%
  • Veröffentlicht 27.05.2021 13:15:08
  • Zuletzt bearbeitet 21.11.2024 06:08:30

kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege esca...

7.5

CVE-2021-28651

Exploit
  • EPSS 5.48%
  • Veröffentlicht 27.05.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:01

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecifi...

4.9

CVE-2021-28652

Exploit
  • EPSS 0.77%
  • Veröffentlicht 27.05.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:01

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a...

6.5

CVE-2021-28662

  • EPSS 13.63%
  • Veröffentlicht 27.05.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:03

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.

7.8

CVE-2021-30499

Exploit
  • EPSS 0.13%
  • Veröffentlicht 27.05.2021 00:15:08
  • Zuletzt bearbeitet 03.11.2025 20:15:47

A flaw was found in libcaca. A buffer overflow of export.c in function export_troff might lead to memory corruption and other potential consequences.

7.8

CVE-2021-30500

Exploit
  • EPSS 0.16%
  • Veröffentlicht 27.05.2021 00:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file.

5.5

CVE-2021-30501

Exploit
  • EPSS 0.13%
  • Veröffentlicht 27.05.2021 00:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.

5.5

CVE-2021-30469

Exploit
  • EPSS 0.17%
  • Veröffentlicht 26.05.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:03:58

A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.

5.5

CVE-2021-30470

Exploit
  • EPSS 0.04%
  • Veröffentlicht 26.05.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:03:59

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow.

5.5

CVE-2021-30471

Exploit
  • EPSS 0.04%
  • Veröffentlicht 26.05.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:03:59

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow.