Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.49%
  • Veröffentlicht 24.08.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:03:06

A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check fo...

  • EPSS 5.55%
  • Veröffentlicht 21.08.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:08

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed re...

  • EPSS 6.35%
  • Veröffentlicht 21.08.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:08

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To ...

  • EPSS 3.64%
  • Veröffentlicht 21.08.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:08

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to ch...

  • EPSS 6.56%
  • Veröffentlicht 17.08.2020 19:15:21
  • Zuletzt bearbeitet 23.02.2026 18:25:45

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be ex...

Warnung Exploit
  • EPSS 99.51%
  • Veröffentlicht 17.08.2020 19:15:15
  • Zuletzt bearbeitet 23.02.2026 20:30:36

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability...

Exploit
  • EPSS 3.83%
  • Veröffentlicht 17.08.2020 17:15:13
  • Zuletzt bearbeitet 05.05.2025 14:12:47

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

Exploit
  • EPSS 1.09%
  • Veröffentlicht 13.08.2020 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:14:37

Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.

Exploit
  • EPSS 0.49%
  • Veröffentlicht 13.08.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:14:35

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.

Exploit
  • EPSS 0.49%
  • Veröffentlicht 13.08.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:14:36

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon).