Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-52160

  • EPSS 3.12%
  • Veröffentlicht 22.02.2024 17:15:08
  • Zuletzt bearbeitet 04.11.2025 19:16:22

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vuln...

7.5

CVE-2023-3966

  • EPSS 0.05%
  • Veröffentlicht 22.02.2024 13:15:07
  • Zuletzt bearbeitet 16.05.2025 14:17:01

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is en...

7.5

CVE-2024-24476

  • EPSS 1.78%
  • Veröffentlicht 21.02.2024 19:15:09
  • Zuletzt bearbeitet 04.11.2025 19:16:57

A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other ...

7.5

CVE-2024-24479

  • EPSS 0.29%
  • Veröffentlicht 21.02.2024 19:15:09
  • Zuletzt bearbeitet 04.11.2025 19:16:57

A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other r...

4.3

CVE-2023-42843

  • EPSS 0.09%
  • Veröffentlicht 21.02.2024 07:15:48
  • Zuletzt bearbeitet 09.12.2024 17:31:31

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spo...

8.8

CVE-2024-1669

Exploit
  • EPSS 0.22%
  • Veröffentlicht 21.02.2024 04:15:08
  • Zuletzt bearbeitet 19.12.2024 17:32:13

Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-1670

Exploit
  • EPSS 0.33%
  • Veröffentlicht 21.02.2024 04:15:08
  • Zuletzt bearbeitet 19.12.2024 17:33:44

Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

5.4

CVE-2024-1672

Exploit
  • EPSS 0.07%
  • Veröffentlicht 21.02.2024 04:15:08
  • Zuletzt bearbeitet 19.12.2024 17:53:20

Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2024-1673

Exploit
  • EPSS 0.39%
  • Veröffentlicht 21.02.2024 04:15:08
  • Zuletzt bearbeitet 19.12.2024 17:54:58

Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

8.8

CVE-2024-1674

  • EPSS 0.02%
  • Veröffentlicht 21.02.2024 04:15:08
  • Zuletzt bearbeitet 04.12.2024 21:15:21

Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)