Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.91%
  • Veröffentlicht 07.02.2019 07:29:01
  • Zuletzt bearbeitet 21.11.2024 04:48:21

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.

Exploit
  • EPSS 2.81%
  • Veröffentlicht 07.02.2019 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:20

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.

Exploit
  • EPSS 2.96%
  • Veröffentlicht 07.02.2019 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:20

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).

Exploit
  • EPSS 2.81%
  • Veröffentlicht 07.02.2019 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:21

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.

Exploit
  • EPSS 2.96%
  • Veröffentlicht 07.02.2019 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:21

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.

Exploit
  • EPSS 2.95%
  • Veröffentlicht 07.02.2019 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:21

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).

Exploit
  • EPSS 2.99%
  • Veröffentlicht 07.02.2019 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:21

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.

  • EPSS 4.87%
  • Veröffentlicht 06.02.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:05

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.

  • EPSS 4.7%
  • Veröffentlicht 06.02.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:05

Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.

Exploit
  • EPSS 1.88%
  • Veröffentlicht 04.02.2019 21:29:01
  • Zuletzt bearbeitet 19.03.2025 20:15:15

rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An aut...