Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.88%
  • Veröffentlicht 04.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:23:04

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to t...

  • EPSS 2.88%
  • Veröffentlicht 04.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:27:44

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious i...

  • EPSS 2.88%
  • Veröffentlicht 04.03.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:22:59

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious inpu...

Exploit
  • EPSS 1.69%
  • Veröffentlicht 03.03.2021 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:50:49

A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet.

Exploit
  • EPSS 1.06%
  • Veröffentlicht 03.03.2021 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:50:49

Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`.

  • EPSS 77.39%
  • Veröffentlicht 03.03.2021 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:50:49

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is con...

Exploit
  • EPSS 32.36%
  • Veröffentlicht 03.03.2021 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:50:50

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over ne...

Exploit
  • EPSS 1.9%
  • Veröffentlicht 03.03.2021 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:22:58

An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a m...

Exploit
  • EPSS 0.51%
  • Veröffentlicht 03.03.2021 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:38:40

Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.

  • EPSS 0.61%
  • Veröffentlicht 03.03.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:46:10

A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters...