Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-0223

  • EPSS 9.62%
  • Veröffentlicht 04.01.2024 02:15:28
  • Zuletzt bearbeitet 18.06.2025 16:15:25

Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

3.3

CVE-2024-0217

  • EPSS 0.01%
  • Veröffentlicht 03.01.2024 17:15:12
  • Zuletzt bearbeitet 21.11.2024 08:46:05

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory reg...

4.8

CVE-2023-6004

  • EPSS 0.05%
  • Veröffentlicht 03.01.2024 17:15:11
  • Zuletzt bearbeitet 04.11.2025 19:16:23

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through th...

5.3

CVE-2023-6693

  • EPSS 0.03%
  • Veröffentlicht 02.01.2024 10:15:08
  • Zuletzt bearbeitet 03.11.2025 20:16:07

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. Th...

7.3

CVE-2023-7104

Exploit
  • EPSS 0.13%
  • Veröffentlicht 29.12.2023 10:15:13
  • Zuletzt bearbeitet 03.11.2025 22:16:33

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-base...

9.8

CVE-2023-6879

Exploit
  • EPSS 0.16%
  • Veröffentlicht 27.12.2023 23:15:07
  • Zuletzt bearbeitet 13.02.2025 18:16:11

Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc().

7.8

CVE-2023-7101

Warnung
  • EPSS 83.31%
  • Veröffentlicht 24.12.2023 22:15:07
  • Zuletzt bearbeitet 24.10.2025 16:39:52

Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Speci...

7

CVE-2023-51767

  • EPSS 0.01%
  • Veröffentlicht 24.12.2023 07:15:07
  • Zuletzt bearbeitet 18.11.2025 22:15:43

OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable ...

5.3

CVE-2023-51766

Exploit
  • EPSS 1.64%
  • Veröffentlicht 24.12.2023 06:15:07
  • Zuletzt bearbeitet 04.11.2025 19:16:21

Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mecha...

5.3

CVE-2023-51764

Exploit
  • EPSS 28.46%
  • Veröffentlicht 24.12.2023 05:15:08
  • Zuletzt bearbeitet 04.11.2025 22:15:56

Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a publishe...