Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.79%
  • Veröffentlicht 12.01.2017 22:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mod...

  • EPSS 4.09%
  • Veröffentlicht 12.01.2017 22:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.

  • EPSS 0.44%
  • Veröffentlicht 23.12.2016 22:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.

  • EPSS 2.35%
  • Veröffentlicht 23.12.2016 22:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which gre...

Exploit
  • EPSS 14.74%
  • Veröffentlicht 13.12.2016 22:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.

  • EPSS 3.32%
  • Veröffentlicht 13.12.2016 20:59:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.

  • EPSS 2.29%
  • Veröffentlicht 13.12.2016 20:59:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.

  • EPSS 2.44%
  • Veröffentlicht 13.12.2016 20:59:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.

  • EPSS 2.72%
  • Veröffentlicht 13.12.2016 20:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.

  • EPSS 3.72%
  • Veröffentlicht 13.12.2016 20:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.