Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-43615

  • EPSS 0.31%
  • Veröffentlicht 07.10.2023 01:15:10
  • Zuletzt bearbeitet 21.11.2024 08:24:28

Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.

9.8

CVE-2023-45239

Exploit
  • EPSS 35.89%
  • Veröffentlicht 06.10.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 08:26:36

A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remo...

8.8

CVE-2023-39928

  • EPSS 0.16%
  • Veröffentlicht 06.10.2023 16:15:13
  • Zuletzt bearbeitet 21.11.2024 08:16:03

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a ...

8.1

CVE-2023-39323

  • EPSS 0.06%
  • Veröffentlicht 05.10.2023 21:15:11
  • Zuletzt bearbeitet 12.06.2025 16:15:20

Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build"...

5.5

CVE-2023-5441

Exploit
  • EPSS 0.02%
  • Veröffentlicht 05.10.2023 21:15:11
  • Zuletzt bearbeitet 21.11.2024 08:41:46

NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.

6.5

CVE-2023-40745

  • EPSS 0.35%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:20:03

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

6.5

CVE-2023-41175

  • EPSS 0.26%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 04.12.2024 08:15:05

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based...

5.5

CVE-2023-42754

Exploit
  • EPSS 0.01%
  • Veröffentlicht 05.10.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:23:06

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue...

8.8

CVE-2023-5346

  • EPSS 0.59%
  • Veröffentlicht 05.10.2023 18:15:13
  • Zuletzt bearbeitet 01.05.2025 20:15:35

Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.2

CVE-2023-39191

  • EPSS 0.01%
  • Veröffentlicht 04.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:14:52

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with...