Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.85%
  • Veröffentlicht 11.02.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:35:38

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Exploit
  • EPSS 1.65%
  • Veröffentlicht 11.02.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:35:38

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.

Exploit
  • EPSS 1.22%
  • Veröffentlicht 11.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 05:35:36

Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • EPSS 1.18%
  • Veröffentlicht 11.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 05:35:36

Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • EPSS 3.41%
  • Veröffentlicht 11.02.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 03:49:18

gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).

  • EPSS 57.13%
  • Veröffentlicht 07.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:06

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

  • EPSS 0.89%
  • Veröffentlicht 06.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 02:46:36

nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).

  • EPSS 2.14%
  • Veröffentlicht 06.02.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 01:55:51

The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created us...

  • EPSS 3.12%
  • Veröffentlicht 05.02.2020 20:15:10
  • Zuletzt bearbeitet 21.11.2024 01:22:59

A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client...

  • EPSS 3.29%
  • Veröffentlicht 05.02.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:33:40

It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especial...