Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2019-5828

  • EPSS 1.75%
  • Veröffentlicht 27.06.2019 17:15:14
  • Zuletzt bearbeitet 21.11.2024 04:45:35

Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

6.5

CVE-2019-5805

  • EPSS 2%
  • Veröffentlicht 27.06.2019 17:15:13
  • Zuletzt bearbeitet 21.11.2024 04:45:31

Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8

CVE-2019-5806

  • EPSS 1.75%
  • Veröffentlicht 27.06.2019 17:15:13
  • Zuletzt bearbeitet 21.11.2024 04:45:31

Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2019-5807

  • EPSS 1.75%
  • Veröffentlicht 27.06.2019 17:15:13
  • Zuletzt bearbeitet 21.11.2024 04:45:32

Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2019-5808

  • EPSS 2.97%
  • Veröffentlicht 27.06.2019 17:15:13
  • Zuletzt bearbeitet 21.11.2024 04:45:32

Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9

CVE-2019-10164

  • EPSS 5.9%
  • Veröffentlicht 26.06.2019 16:15:09
  • Zuletzt bearbeitet 21.11.2024 04:18:33

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often su...

7

CVE-2019-12817

  • EPSS 0.07%
  • Veröffentlicht 25.06.2019 12:15:11
  • Zuletzt bearbeitet 21.11.2024 04:23:38

arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of pow...

7.8

CVE-2019-12957

Exploit
  • EPSS 0.3%
  • Veröffentlicht 25.06.2019 00:15:09
  • Zuletzt bearbeitet 21.11.2024 04:23:53

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdfto...

7.8

CVE-2018-20843

Exploit
  • EPSS 5.83%
  • Veröffentlicht 24.06.2019 17:15:09
  • Zuletzt bearbeitet 30.05.2025 20:15:20

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

5.3

CVE-2019-11038

Exploit
  • EPSS 10.72%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:20:25

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause t...