Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.36%
  • Veröffentlicht 09.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 05:47:45

Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • EPSS 1.79%
  • Veröffentlicht 09.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 05:47:45

Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • EPSS 1.15%
  • Veröffentlicht 09.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 05:47:45

Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

Exploit
  • EPSS 1.21%
  • Veröffentlicht 09.04.2021 07:15:16
  • Zuletzt bearbeitet 21.11.2024 06:03:24

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of a nonexistent page.

Exploit
  • EPSS 1.18%
  • Veröffentlicht 09.04.2021 07:15:16
  • Zuletzt bearbeitet 21.11.2024 06:03:24

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists.

Exploit
  • EPSS 1.56%
  • Veröffentlicht 09.04.2021 07:15:16
  • Zuletzt bearbeitet 21.11.2024 06:03:25

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePage::isValidMoveTarget() uses FOR UPDATE, but it's on...

Exploit
  • EPSS 1.23%
  • Veröffentlicht 09.04.2021 07:15:15
  • Zuletzt bearbeitet 21.11.2024 06:03:24

An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.

Exploit
  • EPSS 1.99%
  • Veröffentlicht 08.04.2021 23:15:12
  • Zuletzt bearbeitet 03.12.2025 01:15:46

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmas...

  • EPSS 2.3%
  • Veröffentlicht 08.04.2021 23:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:38

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing mali...

  • EPSS 0.93%
  • Veröffentlicht 08.04.2021 21:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:47

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.