Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2019-16892

Exploit
  • EPSS 0.18%
  • Veröffentlicht 25.09.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:17

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service (disk consumption).

7.5

CVE-2019-16884

Exploit
  • EPSS 0.57%
  • Veröffentlicht 25.09.2019 18:15:13
  • Zuletzt bearbeitet 21.11.2024 04:31:16

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc direct...

7.5

CVE-2019-5094

Exploit
  • EPSS 0.31%
  • Veröffentlicht 24.09.2019 22:15:13
  • Zuletzt bearbeitet 30.05.2025 19:15:24

An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition ...

9.8

CVE-2019-16746

  • EPSS 2.6%
  • Veröffentlicht 24.09.2019 06:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:06

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

6.5

CVE-2019-16707

Exploit
  • EPSS 0.53%
  • Veröffentlicht 23.09.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:01

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.

7.8

CVE-2019-14816

Exploit
  • EPSS 0.09%
  • Veröffentlicht 20.09.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:25

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

8.8

CVE-2019-14821

  • EPSS 0.11%
  • Veröffentlicht 19.09.2019 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:27:25

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wher...

6.5

CVE-2019-11779

  • EPSS 6.79%
  • Veröffentlicht 19.09.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:21:46

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur.

7.8

CVE-2019-14835

Exploit
  • EPSS 0.08%
  • Veröffentlicht 17.09.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:27:27

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descript...

9.8

CVE-2019-16239

  • EPSS 8.53%
  • Veröffentlicht 17.09.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:30:21

process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.