Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-48231

  • EPSS 0.05%
  • Veröffentlicht 16.11.2023 23:15:08
  • Zuletzt bearbeitet 21.11.2024 08:31:15

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc...

4.3

CVE-2023-48232

  • EPSS 0.05%
  • Veröffentlicht 16.11.2023 23:15:08
  • Zuletzt bearbeitet 21.11.2024 08:31:15

Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border i...

4.3

CVE-2023-48233

  • EPSS 0.08%
  • Veröffentlicht 16.11.2023 23:15:08
  • Zuletzt bearbeitet 21.11.2024 08:31:16

Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all...

8.8

CVE-2023-5997

  • EPSS 0.53%
  • Veröffentlicht 15.11.2023 18:15:06
  • Zuletzt bearbeitet 21.11.2024 08:42:56

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-6112

  • EPSS 25.4%
  • Veröffentlicht 15.11.2023 18:15:06
  • Zuletzt bearbeitet 21.11.2024 08:43:09

Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-5528

  • EPSS 18.9%
  • Veröffentlicht 14.11.2023 21:15:14
  • Zuletzt bearbeitet 03.01.2025 19:42:12

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree sto...

7.5

CVE-2023-46849

  • EPSS 0.48%
  • Veröffentlicht 11.11.2023 01:15:07
  • Zuletzt bearbeitet 11.06.2025 15:15:26

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.

9.8

CVE-2023-46850

  • EPSS 3.73%
  • Veröffentlicht 11.11.2023 01:15:07
  • Zuletzt bearbeitet 21.11.2024 08:29:25

Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.

3.3

CVE-2023-5543

  • EPSS 0.09%
  • Veröffentlicht 09.11.2023 22:15:11
  • Zuletzt bearbeitet 21.11.2024 08:41:58

When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.

3.3

CVE-2023-5551

  • EPSS 0.07%
  • Veröffentlicht 09.11.2023 20:15:11
  • Zuletzt bearbeitet 21.11.2024 08:41:59

Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.