Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 57.61%
  • Veröffentlicht 19.07.2019 23:15:11
  • Zuletzt bearbeitet 04.11.2025 16:15:42

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.

Exploit
  • EPSS 6.27%
  • Veröffentlicht 19.07.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:18:04

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condit...

Exploit
  • EPSS 2.79%
  • Veröffentlicht 19.07.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:17:59

scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work.

  • EPSS 1.37%
  • Veröffentlicht 18.07.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:17:57

The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hf...

Exploit
  • EPSS 6.08%
  • Veröffentlicht 17.07.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:22

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.

Exploit
  • EPSS 1.81%
  • Veröffentlicht 17.07.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:25:23

SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.

Warnung Exploit
  • EPSS 52.2%
  • Veröffentlicht 17.07.2019 13:15:10
  • Zuletzt bearbeitet 06.11.2025 16:51:07

In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with...

  • EPSS 31.22%
  • Veröffentlicht 17.07.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:52:25

LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, w...

  • EPSS 3.15%
  • Veröffentlicht 17.07.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:52:26

LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include rem...

Exploit
  • EPSS 11.66%
  • Veröffentlicht 16.07.2019 18:15:13
  • Zuletzt bearbeitet 21.11.2024 04:24:13

In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH serve...