Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-46838

  • EPSS 0.16%
  • Veröffentlicht 29.01.2024 11:15:07
  • Zuletzt bearbeitet 02.06.2025 19:15:21

Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be tra...

4.3

CVE-2024-0809

  • EPSS 0.02%
  • Veröffentlicht 24.01.2024 00:15:08
  • Zuletzt bearbeitet 15.05.2025 15:16:07

Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3

CVE-2024-0811

  • EPSS 0.26%
  • Veröffentlicht 24.01.2024 00:15:08
  • Zuletzt bearbeitet 16.06.2025 19:15:29

Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Lo...

8.8

CVE-2024-0812

  • EPSS 0.33%
  • Veröffentlicht 24.01.2024 00:15:08
  • Zuletzt bearbeitet 30.05.2025 15:15:31

Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-0813

  • EPSS 0.08%
  • Veröffentlicht 24.01.2024 00:15:08
  • Zuletzt bearbeitet 21.11.2024 08:47:25

Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

6.5

CVE-2024-0814

  • EPSS 0.13%
  • Veröffentlicht 24.01.2024 00:15:08
  • Zuletzt bearbeitet 30.05.2025 15:15:31

Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

7.5

CVE-2024-0804

  • EPSS 0.11%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 22.05.2025 18:15:38

Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2024-0805

  • EPSS 0.13%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 20.06.2025 19:15:30

Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

8.8

CVE-2024-0806

  • EPSS 0.33%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 20.06.2025 19:15:30

Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

8.8

CVE-2024-0807

  • EPSS 0.25%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 20.06.2025 19:15:31

Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)