Fedoraproject

Fedora

5355 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-0814

  • EPSS 0.13%
  • Veröffentlicht 24.01.2024 00:15:08
  • Zuletzt bearbeitet 30.05.2025 15:15:31

Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

7.5

CVE-2024-0804

  • EPSS 0.11%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 22.05.2025 18:15:38

Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2024-0805

  • EPSS 0.13%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 20.06.2025 19:15:30

Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

8.8

CVE-2024-0806

  • EPSS 0.26%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 20.06.2025 19:15:30

Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

8.8

CVE-2024-0807

  • EPSS 0.2%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 20.06.2025 19:15:31

Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.8

CVE-2024-0808

  • EPSS 0.34%
  • Veröffentlicht 24.01.2024 00:15:07
  • Zuletzt bearbeitet 30.05.2025 15:15:31

Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)

7.5

CVE-2023-39197

  • EPSS 0.04%
  • Veröffentlicht 23.01.2024 03:15:11
  • Zuletzt bearbeitet 21.11.2024 08:14:53

An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.

6.1

CVE-2024-22420

  • EPSS 0.34%
  • Veröffentlicht 19.01.2024 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:56:15

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. This vulnerability depends on user interaction by opening a malicious Markdown file using JupyterLab preview feature. ...

6.5

CVE-2024-22421

  • EPSS 0.14%
  • Veröffentlicht 19.01.2024 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:56:15

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a th...

5.5

CVE-2024-0408

  • EPSS 0.02%
  • Veröffentlicht 18.01.2024 16:15:08
  • Zuletzt bearbeitet 29.08.2025 13:42:30

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another r...