Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.62%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 23.06.2026 18:17:36

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProp...

  • EPSS 0.72%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 23.06.2026 18:17:37

A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a wi...

  • EPSS 1.3%
  • Veröffentlicht 25.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:22:02

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.

  • EPSS 1.74%
  • Veröffentlicht 25.10.2023 19:15:10
  • Zuletzt bearbeitet 05.05.2025 15:15:53

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

  • EPSS 1.23%
  • Veröffentlicht 25.10.2023 18:17:43
  • Zuletzt bearbeitet 01.05.2025 19:15:56

Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • EPSS 2.98%
  • Veröffentlicht 23.10.2023 07:15:11
  • Zuletzt bearbeitet 01.08.2025 02:03:27

Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.

  • EPSS 3.02%
  • Veröffentlicht 23.10.2023 07:15:11
  • Zuletzt bearbeitet 25.08.2025 02:09:55

When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, ...

Exploit
  • EPSS 0.79%
  • Veröffentlicht 20.10.2023 17:15:08
  • Zuletzt bearbeitet 21.11.2024 08:42:16

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

  • EPSS 0.44%
  • Veröffentlicht 18.10.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:26:26

Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enable...

Warnung Exploit
  • EPSS 75.87%
  • Veröffentlicht 18.10.2023 15:15:08
  • Zuletzt bearbeitet 30.10.2025 20:11:10

Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbi...