Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2021-2010

  • EPSS 0.36%
  • Veröffentlicht 20.01.2021 15:15:45
  • Zuletzt bearbeitet 21.11.2024 06:02:10

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with net...

7.1

CVE-2021-2011

  • EPSS 0.52%
  • Veröffentlicht 20.01.2021 15:15:45
  • Zuletzt bearbeitet 21.11.2024 06:02:10

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via m...

7.8

CVE-2020-14409

  • EPSS 0.12%
  • Veröffentlicht 19.01.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:03:12

SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.

5.8

CVE-2020-14410

  • EPSS 0.16%
  • Veröffentlicht 19.01.2021 20:15:12
  • Zuletzt bearbeitet 20.03.2025 17:01:20

SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.

6.5

CVE-2021-3181

  • EPSS 2.21%
  • Veröffentlicht 19.01.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:04

rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email me...

6.5

CVE-2021-3178

  • EPSS 0.39%
  • Veröffentlicht 19.01.2021 07:15:13
  • Zuletzt bearbeitet 21.11.2024 06:21:04

fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirecto...

9.8

CVE-2021-3177

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.01.2021 06:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:03

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to ...

7.5

CVE-2020-36193

Warnung
  • EPSS 83.04%
  • Veröffentlicht 18.01.2021 20:15:12
  • Zuletzt bearbeitet 03.04.2025 19:44:16

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

7.5

CVE-2020-35733

  • EPSS 0.22%
  • Veröffentlicht 15.01.2021 14:15:14
  • Zuletzt bearbeitet 21.11.2024 05:27:58

An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority.

7.2

CVE-2020-26262

Exploit
  • EPSS 0.34%
  • Veröffentlicht 13.01.2021 19:15:16
  • Zuletzt bearbeitet 21.11.2024 05:19:41

Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.x.x.x`. However, it was observed that when sending ...