Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2020-14775

  • EPSS 1.44%
  • Veröffentlicht 21.10.2020 15:15:17
  • Zuletzt bearbeitet 21.11.2024 05:04:07

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mul...

4

CVE-2020-14776

  • EPSS 0.97%
  • Veröffentlicht 21.10.2020 15:15:17
  • Zuletzt bearbeitet 21.11.2024 05:04:07

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mu...

6.8

CVE-2020-14672

  • EPSS 1.1%
  • Veröffentlicht 21.10.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:03:51

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged...

7.5

CVE-2020-25648

  • EPSS 0.09%
  • Veröffentlicht 20.10.2020 22:15:43
  • Zuletzt bearbeitet 21.11.2024 05:18:20

A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this ...

7.5

CVE-2020-24387

Exploit
  • EPSS 0.79%
  • Veröffentlicht 19.10.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:14:43

An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write operations in...

7.5

CVE-2020-24388

Exploit
  • EPSS 0.79%
  • Veröffentlicht 19.10.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:14:43

An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy() call that will crash t...

7.5

CVE-2020-24265

Exploit
  • EPSS 0.55%
  • Veröffentlicht 19.10.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:14:33

An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.

7.5

CVE-2020-24266

Exploit
  • EPSS 0.55%
  • Veröffentlicht 19.10.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:14:33

An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.

8.8

CVE-2020-9983

  • EPSS 1.3%
  • Veröffentlicht 16.10.2020 17:15:18
  • Zuletzt bearbeitet 21.11.2024 05:41:38

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.

6.1

CVE-2020-26934

  • EPSS 2.79%
  • Veröffentlicht 10.10.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:32

phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.