Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-41983

  • EPSS 1.11%
  • Veröffentlicht 25.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:22:02

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.

8.8

CVE-2023-42852

  • EPSS 2.35%
  • Veröffentlicht 25.10.2023 19:15:10
  • Zuletzt bearbeitet 05.05.2025 15:15:53

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

8.8

CVE-2023-5472

  • EPSS 1.12%
  • Veröffentlicht 25.10.2023 18:17:43
  • Zuletzt bearbeitet 01.05.2025 19:15:56

Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2023-31122

  • EPSS 0.43%
  • Veröffentlicht 23.10.2023 07:15:11
  • Zuletzt bearbeitet 01.08.2025 02:03:27

Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.

5.9

CVE-2023-45802

  • EPSS 1.74%
  • Veröffentlicht 23.10.2023 07:15:11
  • Zuletzt bearbeitet 25.08.2025 02:09:55

When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, ...

8.8

CVE-2023-5686

Exploit
  • EPSS 0.08%
  • Veröffentlicht 20.10.2023 17:15:08
  • Zuletzt bearbeitet 21.11.2024 08:42:16

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

3.6

CVE-2023-45145

  • EPSS 0.58%
  • Veröffentlicht 18.10.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:26:26

Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enable...

5.4

CVE-2023-5631

Warnung Exploit
  • EPSS 84.42%
  • Veröffentlicht 18.10.2023 15:15:08
  • Zuletzt bearbeitet 30.10.2025 20:11:10

Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbi...

9.8

CVE-2023-38545

  • EPSS 26.25%
  • Veröffentlicht 18.10.2023 04:15:11
  • Zuletzt bearbeitet 13.02.2025 17:16:47

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length th...

7.5

CVE-2023-38552

  • EPSS 0.41%
  • Veröffentlicht 18.10.2023 04:15:11
  • Zuletzt bearbeitet 03.11.2025 22:16:24

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity chec...