Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-44271

  • EPSS 0.15%
  • Veröffentlicht 03.11.2023 05:15:30
  • Zuletzt bearbeitet 21.11.2024 08:25:33

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when...

7.5

CVE-2023-41164

  • EPSS 0.41%
  • Veröffentlicht 03.11.2023 05:15:29
  • Zuletzt bearbeitet 04.11.2025 18:15:41

In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.

8.8

CVE-2023-5849

  • EPSS 1.14%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 29.04.2025 21:15:50

Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

4.3

CVE-2023-5850

  • EPSS 0.86%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:37

Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

4.3

CVE-2023-5851

  • EPSS 0.32%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:37

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2023-5852

  • EPSS 0.66%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 29.04.2025 21:15:50

Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

4.3

CVE-2023-5853

  • EPSS 0.67%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:38

Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2023-5854

  • EPSS 0.66%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 29.04.2025 21:15:50

Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

8.8

CVE-2023-5855

  • EPSS 0.66%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 29.04.2025 21:15:50

Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Med...

8.8

CVE-2023-5856

  • EPSS 0.66%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 29.04.2025 21:15:51

Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium...