Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-1062

  • EPSS 0.02%
  • Veröffentlicht 12.02.2024 13:15:09
  • Zuletzt bearbeitet 18.02.2025 11:15:11

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.

5.5

CVE-2023-52429

  • EPSS 0.02%
  • Veröffentlicht 12.02.2024 03:15:32
  • Zuletzt bearbeitet 04.11.2025 19:16:23

dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.

5.5

CVE-2024-1151

  • EPSS 0.02%
  • Veröffentlicht 11.02.2024 15:15:07
  • Zuletzt bearbeitet 21.11.2024 08:49:54

A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many fram...

7.8

CVE-2024-0229

  • EPSS 0.32%
  • Veröffentlicht 09.02.2024 07:16:00
  • Zuletzt bearbeitet 04.11.2025 19:16:26

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if...

4.7

CVE-2024-1312

  • EPSS 0.02%
  • Veröffentlicht 08.02.2024 13:15:09
  • Zuletzt bearbeitet 21.11.2024 08:50:18

A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system.

7.5

CVE-2024-20290

  • EPSS 10.35%
  • Veröffentlicht 07.02.2024 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:52:14

A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values d...

9.8

CVE-2024-1283

  • EPSS 2.17%
  • Veröffentlicht 07.02.2024 00:15:56
  • Zuletzt bearbeitet 17.06.2025 15:15:38

Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.8

CVE-2024-1284

  • EPSS 0.74%
  • Veröffentlicht 07.02.2024 00:15:56
  • Zuletzt bearbeitet 15.05.2025 20:15:40

Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

3.3

CVE-2024-1048

  • EPSS 0.01%
  • Veröffentlicht 06.02.2024 18:15:59
  • Zuletzt bearbeitet 21.11.2024 08:49:40

A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the...

5.5

CVE-2024-0690

  • EPSS 0.06%
  • Veröffentlicht 06.02.2024 12:15:55
  • Zuletzt bearbeitet 04.11.2025 19:16:27

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this iss...