Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-22880

Exploit
  • EPSS 5.88%
  • Veröffentlicht 11.02.2021 18:15:17
  • Zuletzt bearbeitet 21.11.2024 05:50:49

The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter i...

6.1

CVE-2021-22881

Exploit
  • EPSS 6.85%
  • Veröffentlicht 11.02.2021 18:15:17
  • Zuletzt bearbeitet 21.11.2024 05:50:49

The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in A...

7.8

CVE-2020-35498

  • EPSS 5.77%
  • Veröffentlicht 11.02.2021 18:15:15
  • Zuletzt bearbeitet 23.04.2025 20:15:20

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a ...

7.5

CVE-2020-13578

Exploit
  • EPSS 0.15%
  • Veröffentlicht 10.02.2021 20:15:15
  • Zuletzt bearbeitet 21.11.2024 05:01:32

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

7.5

CVE-2020-13574

Exploit
  • EPSS 0.15%
  • Veröffentlicht 10.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:01:31

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

5

CVE-2020-13575

Exploit
  • EPSS 0.15%
  • Veröffentlicht 10.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:01:31

A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

9.8

CVE-2020-13576

Exploit
  • EPSS 0.76%
  • Veröffentlicht 10.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:01:32

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

7.5

CVE-2020-13577

Exploit
  • EPSS 0.15%
  • Veröffentlicht 10.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:01:32

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

7.9

CVE-2021-0326

  • EPSS 11.51%
  • Veröffentlicht 10.02.2021 17:15:19
  • Zuletzt bearbeitet 21.11.2024 05:42:31

In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed...

9.8

CVE-2021-27135

  • EPSS 1.14%
  • Veröffentlicht 10.02.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:57:23

xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.