Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-5455

  • EPSS 0.37%
  • Veröffentlicht 10.01.2024 13:15:48
  • Zuletzt bearbeitet 21.11.2024 08:41:47

A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of ...

7.8

CVE-2021-3600

  • EPSS 0.12%
  • Veröffentlicht 08.01.2024 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:56

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.

7

CVE-2023-6270

  • EPSS 0.02%
  • Veröffentlicht 04.01.2024 17:15:08
  • Zuletzt bearbeitet 30.08.2025 09:15:31

A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the ac...

8.8

CVE-2024-0224

  • EPSS 0.57%
  • Veröffentlicht 04.01.2024 02:15:29
  • Zuletzt bearbeitet 18.06.2025 16:15:25

Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-0225

  • EPSS 0.81%
  • Veröffentlicht 04.01.2024 02:15:29
  • Zuletzt bearbeitet 18.06.2025 16:15:25

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-0222

  • EPSS 0.56%
  • Veröffentlicht 04.01.2024 02:15:28
  • Zuletzt bearbeitet 18.06.2025 16:15:25

Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-0223

  • EPSS 9.62%
  • Veröffentlicht 04.01.2024 02:15:28
  • Zuletzt bearbeitet 18.06.2025 16:15:25

Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

3.3

CVE-2024-0217

  • EPSS 0.01%
  • Veröffentlicht 03.01.2024 17:15:12
  • Zuletzt bearbeitet 21.11.2024 08:46:05

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory reg...

4.8

CVE-2023-6004

  • EPSS 0.07%
  • Veröffentlicht 03.01.2024 17:15:11
  • Zuletzt bearbeitet 21.11.2024 08:42:57

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through th...

5.3

CVE-2023-6693

  • EPSS 0.03%
  • Veröffentlicht 02.01.2024 10:15:08
  • Zuletzt bearbeitet 06.05.2025 09:15:16

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. Th...