Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-5857

  • EPSS 1.25%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:38

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)

4.3

CVE-2023-5858

  • EPSS 0.71%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 12.06.2025 15:15:35

Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

4.3

CVE-2023-5859

  • EPSS 0.67%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:38

Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

6.1

CVE-2023-5480

  • EPSS 0.23%
  • Veröffentlicht 01.11.2023 18:15:09
  • Zuletzt bearbeitet 21.11.2024 08:41:51

Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)

8.8

CVE-2023-5482

  • EPSS 13.86%
  • Veröffentlicht 01.11.2023 18:15:09
  • Zuletzt bearbeitet 30.04.2025 15:15:59

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

5.3

CVE-2023-43796

  • EPSS 0.21%
  • Veröffentlicht 31.10.2023 17:15:23
  • Zuletzt bearbeitet 13.02.2025 17:17:13

Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. System administrators are...

3.3

CVE-2023-5349

Exploit
  • EPSS 0.05%
  • Veröffentlicht 30.10.2023 21:15:07
  • Zuletzt bearbeitet 04.11.2025 20:17:12

A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.

7.5

CVE-2023-34058

  • EPSS 0.02%
  • Veröffentlicht 27.10.2023 05:15:38
  • Zuletzt bearbeitet 06.03.2025 16:15:41

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a...

7.8

CVE-2023-5367

  • EPSS 0.06%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 04.11.2025 20:17:13

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProp...

4.7

CVE-2023-5380

  • EPSS 0.08%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 04.11.2025 20:17:13

A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a wi...