Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-1060

  • EPSS 0.51%
  • Published 30.01.2024 22:15:53
  • Last modified 29.05.2025 15:15:27

Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-1077

  • EPSS 0.64%
  • Published 30.01.2024 22:15:53
  • Last modified 03.06.2025 19:15:34

Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)

8.8

CVE-2024-1059

  • EPSS 0.42%
  • Published 30.01.2024 22:15:52
  • Last modified 08.05.2025 18:15:41

Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2024-23334

Exploit
  • EPSS 93.56%
  • Published 29.01.2024 23:15:08
  • Last modified 21.11.2024 08:57:32

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' ca...

6.5

CVE-2024-23829

Exploit
  • EPSS 0.23%
  • Published 29.01.2024 23:15:08
  • Last modified 21.11.2024 08:58:30

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets, that must trigger error handling to robustly match frame bounda...

5.5

CVE-2023-40546

  • EPSS 0.03%
  • Published 29.01.2024 17:15:08
  • Last modified 21.11.2024 08:19:41

A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match ...

5.5

CVE-2023-40549

  • EPSS 0.03%
  • Published 29.01.2024 17:15:08
  • Last modified 21.11.2024 08:19:42

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of se...

5.5

CVE-2023-40550

  • EPSS 0.03%
  • Published 29.01.2024 17:15:08
  • Last modified 21.11.2024 08:19:42

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.

5.1

CVE-2023-40551

  • EPSS 0.02%
  • Published 29.01.2024 17:15:08
  • Last modified 21.11.2024 08:19:42

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.

7.4

CVE-2023-40548

  • EPSS 0.04%
  • Published 29.01.2024 15:15:08
  • Last modified 21.11.2024 08:19:41

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, l...