Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.25%
  • Veröffentlicht 06.03.2024 19:15:09
  • Zuletzt bearbeitet 19.12.2024 20:23:37

Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 13.56%
  • Veröffentlicht 06.03.2024 19:15:08
  • Zuletzt bearbeitet 21.03.2025 21:15:35

Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • EPSS 65.25%
  • Veröffentlicht 06.03.2024 19:15:07
  • Zuletzt bearbeitet 03.11.2025 21:16:07

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause D...

  • EPSS 0.94%
  • Veröffentlicht 03.03.2024 21:15:49
  • Zuletzt bearbeitet 04.11.2025 19:17:04

p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information...

Exploit
  • EPSS 0.44%
  • Veröffentlicht 29.02.2024 20:15:41
  • Zuletzt bearbeitet 04.11.2025 22:15:58

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.

Exploit
  • EPSS 1.53%
  • Veröffentlicht 29.02.2024 02:15:09
  • Zuletzt bearbeitet 04.11.2025 22:15:58

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the clojure.core$partial$fn__5920 function.

Exploit
  • EPSS 1.84%
  • Veröffentlicht 29.02.2024 01:44:16
  • Zuletzt bearbeitet 04.11.2025 22:15:58

yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)

Exploit
  • EPSS 0.83%
  • Veröffentlicht 29.02.2024 01:43:57
  • Zuletzt bearbeitet 19.12.2024 20:20:38

Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 2.58%
  • Veröffentlicht 29.02.2024 01:43:57
  • Zuletzt bearbeitet 19.12.2024 20:20:25

Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 1.06%
  • Veröffentlicht 28.02.2024 20:15:41
  • Zuletzt bearbeitet 14.02.2025 15:31:24

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb"...