Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2020-14323

  • EPSS 0.39%
  • Veröffentlicht 29.10.2020 20:15:17
  • Zuletzt bearbeitet 21.11.2024 05:03:00

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.

7

CVE-2020-15238

Exploit
  • EPSS 0.45%
  • Veröffentlicht 27.10.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:05:09

Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is dis...

5.3

CVE-2020-27674

  • EPSS 0.07%
  • Veröffentlicht 22.10.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.

4.7

CVE-2020-27675

  • EPSS 0.1%
  • Veröffentlicht 22.10.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL point...

7.8

CVE-2020-27670

  • EPSS 0.04%
  • Veröffentlicht 22.10.2020 21:15:13
  • Zuletzt bearbeitet 21.11.2024 05:21:37

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.

7.8

CVE-2020-27671

  • EPSS 0.07%
  • Veröffentlicht 22.10.2020 21:15:13
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.

7

CVE-2020-27672

  • EPSS 0.04%
  • Veröffentlicht 22.10.2020 21:15:13
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB...

7.5

CVE-2020-27638

  • EPSS 1.11%
  • Veröffentlicht 22.10.2020 13:15:15
  • Zuletzt bearbeitet 21.11.2024 05:21:33

receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.

9.8

CVE-2020-27619

  • EPSS 1.18%
  • Veröffentlicht 22.10.2020 03:16:31
  • Zuletzt bearbeitet 21.11.2024 05:21:29

In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.

6.8

CVE-2020-14812

  • EPSS 0.77%
  • Veröffentlicht 21.10.2020 15:15:20
  • Zuletzt bearbeitet 21.11.2024 05:04:13

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker...