Fedoraproject

Fedora

5355 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-21393

  • EPSS 0.55%
  • Veröffentlicht 12.04.2021 22:15:13
  • Zuletzt bearbeitet 21.11.2024 05:48:16

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on...

6.5

CVE-2021-21394

  • EPSS 0.52%
  • Veröffentlicht 12.04.2021 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:48:16

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on...

5.3

CVE-2021-28876

Exploit
  • EPSS 0.42%
  • Veröffentlicht 11.04.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 06:00:21

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to ...

7.5

CVE-2021-28878

Exploit
  • EPSS 1.01%
  • Veröffentlicht 11.04.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 06:00:21

In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety ...

9.8

CVE-2021-28879

Exploit
  • EPSS 1.1%
  • Veröffentlicht 11.04.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 06:00:21

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.

8.8

CVE-2021-21194

  • EPSS 0.84%
  • Veröffentlicht 09.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 05:47:45

Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2021-21195

  • EPSS 0.21%
  • Veröffentlicht 09.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 05:47:45

Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2021-21196

  • EPSS 1.04%
  • Veröffentlicht 09.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 05:47:45

Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2021-21197

  • EPSS 0.74%
  • Veröffentlicht 09.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 05:47:45

Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

7.4

CVE-2021-21198

  • EPSS 0.83%
  • Veröffentlicht 09.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 05:47:45

Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.