Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.56%
  • Veröffentlicht 19.10.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:14:33

An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.

Exploit
  • EPSS 2.56%
  • Veröffentlicht 19.10.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:14:33

An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.

  • EPSS 2.08%
  • Veröffentlicht 16.10.2020 17:15:18
  • Zuletzt bearbeitet 21.11.2024 05:41:38

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.

  • EPSS 2.19%
  • Veröffentlicht 10.10.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:32

phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.

Exploit
  • EPSS 67.08%
  • Veröffentlicht 10.10.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:32

An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject mali...

  • EPSS 0.35%
  • Veröffentlicht 07.10.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:24

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable...

Exploit
  • EPSS 2.45%
  • Veröffentlicht 06.10.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:18:55

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.

Exploit
  • EPSS 4.92%
  • Veröffentlicht 06.10.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:18:55

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.

Exploit
  • EPSS 3.94%
  • Veröffentlicht 06.10.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:18:56

In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasona...

  • EPSS 3.12%
  • Veröffentlicht 06.10.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:20:06

In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.