Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-6679

  • EPSS 0.01%
  • Veröffentlicht 11.12.2023 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:44:19

A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.

8.8

CVE-2023-6185

  • EPSS 1.22%
  • Veröffentlicht 11.12.2023 12:15:07
  • Zuletzt bearbeitet 13.02.2025 18:16:06

Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped wh...

8.8

CVE-2023-6186

  • EPSS 1.09%
  • Veröffentlicht 11.12.2023 12:15:07
  • Zuletzt bearbeitet 13.02.2025 18:16:06

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that c...

5.5

CVE-2023-6622

  • EPSS 0.01%
  • Veröffentlicht 08.12.2023 18:15:07
  • Zuletzt bearbeitet 25.06.2025 20:52:54

A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.

6.3

CVE-2023-45866

  • EPSS 34.35%
  • Veröffentlicht 08.12.2023 06:15:45
  • Zuletzt bearbeitet 04.11.2025 20:17:09

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has oc...

6.5

CVE-2023-46218

Exploit
  • EPSS 0.43%
  • Veröffentlicht 07.12.2023 01:15:07
  • Zuletzt bearbeitet 30.06.2025 17:15:29

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites ...

8.8

CVE-2023-6508

  • EPSS 0.91%
  • Veröffentlicht 06.12.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 08:43:59

Use after free in Media Stream in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-6509

  • EPSS 1.17%
  • Veröffentlicht 06.12.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 08:43:59

Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security sev...

8.8

CVE-2023-6510

  • EPSS 1.17%
  • Veröffentlicht 06.12.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 08:44:00

Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severit...

4.3

CVE-2023-6511

  • EPSS 0.2%
  • Veröffentlicht 06.12.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 08:44:00

Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)