Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.96%
  • Veröffentlicht 24.02.2021 16:15:14
  • Zuletzt bearbeitet 21.11.2024 05:22:59

A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vul...

  • EPSS 0.37%
  • Veröffentlicht 24.02.2021 15:15:13
  • Zuletzt bearbeitet 09.06.2025 15:15:25

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the loc...

  • EPSS 50.23%
  • Veröffentlicht 23.02.2021 23:15:14
  • Zuletzt bearbeitet 21.11.2024 06:21:25

A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.

Exploit
  • EPSS 0.57%
  • Veröffentlicht 23.02.2021 23:15:14
  • Zuletzt bearbeitet 21.11.2024 06:21:26

A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context.

Exploit
  • EPSS 1.09%
  • Veröffentlicht 23.02.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:57:03

A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.

Exploit
  • EPSS 1.74%
  • Veröffentlicht 23.02.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:25

A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.

Exploit
  • EPSS 1.88%
  • Veröffentlicht 23.02.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:46:12

A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access ...

Exploit
  • EPSS 1.2%
  • Veröffentlicht 23.02.2021 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:57:03

A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.

  • EPSS 1.47%
  • Veröffentlicht 23.02.2021 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:46:10

A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.

Exploit
  • EPSS 1.47%
  • Veröffentlicht 22.02.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:47:39

Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.