Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-6351

  • EPSS 0.29%
  • Veröffentlicht 29.11.2023 12:15:07
  • Zuletzt bearbeitet 21.11.2024 08:43:40

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

5.9

CVE-2023-5981

  • EPSS 0.57%
  • Veröffentlicht 28.11.2023 12:15:07
  • Zuletzt bearbeitet 04.11.2025 20:17:14

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

6.5

CVE-2023-6277

Exploit
  • EPSS 0.42%
  • Veröffentlicht 24.11.2023 19:15:07
  • Zuletzt bearbeitet 21.11.2024 08:43:31

An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.

7.8

CVE-2023-5972

  • EPSS 0.02%
  • Veröffentlicht 23.11.2023 18:15:07
  • Zuletzt bearbeitet 21.11.2024 08:42:53

A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system.

6.7

CVE-2023-6238

  • EPSS 0.02%
  • Veröffentlicht 21.11.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:43:26

A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unre...

5.5

CVE-2023-5341

  • EPSS 0.04%
  • Veröffentlicht 19.11.2023 10:15:49
  • Zuletzt bearbeitet 07.02.2025 03:15:10

A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.

4.3

CVE-2023-48234

  • EPSS 0.06%
  • Veröffentlicht 16.11.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:31:16

Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has ...

4.3

CVE-2023-48235

  • EPSS 0.07%
  • Veröffentlicht 16.11.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:31:16

Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will ca...

4.3

CVE-2023-48236

  • EPSS 0.06%
  • Veröffentlicht 16.11.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:31:16

Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAX_INT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerabil...

4.3

CVE-2023-48237

  • EPSS 0.05%
  • Veröffentlicht 16.11.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:31:16

Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a cras...