Fedoraproject

Fedora

5326 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-10196

  • EPSS 0.1%
  • Veröffentlicht 30.05.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:59

NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.

7.9

CVE-2018-1111

Exploit
  • EPSS 89.18%
  • Veröffentlicht 17.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:12

DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network ab...

9.8

CVE-2018-10771

Exploit
  • EPSS 0.91%
  • Veröffentlicht 07.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:00

Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

9.8

CVE-2018-10753

  • EPSS 0.91%
  • Veröffentlicht 05.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:59

Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

7.1

CVE-2013-0159

  • EPSS 0.04%
  • Veröffentlicht 01.05.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 01:46:57

The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg.

5.5

CVE-2017-6888

  • EPSS 0.45%
  • Veröffentlicht 25.04.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:30:43

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

8.8

CVE-2018-3846

Exploit
  • EPSS 1.41%
  • Veröffentlicht 16.04.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:06:09

In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potent...

8.8

CVE-2018-3848

Exploit
  • EPSS 1.31%
  • Veröffentlicht 16.04.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:06:09

In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain c...

8.8

CVE-2018-3849

Exploit
  • EPSS 0.87%
  • Veröffentlicht 16.04.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:06:09

In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain c...

6.5

CVE-2014-1398

  • EPSS 0.38%
  • Veröffentlicht 10.04.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 02:04:12

The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors.