Fedoraproject

Fedora

5326 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2016-4610

  • EPSS 3.26%
  • Veröffentlicht 22.07.2016 02:59:34
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly ...

9.8

CVE-2016-4609

  • EPSS 5.59%
  • Veröffentlicht 22.07.2016 02:59:32
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly ...

9.8

CVE-2016-4608

  • EPSS 5.21%
  • Veröffentlicht 22.07.2016 02:59:31
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly ...

9.8

CVE-2016-4607

  • EPSS 4.74%
  • Veröffentlicht 22.07.2016 02:59:30
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly ...

5.9

CVE-2016-2775

  • EPSS 33.5%
  • Veröffentlicht 19.07.2016 22:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight reso...

8.1

CVE-2016-5387

  • EPSS 77.27%
  • Veröffentlicht 19.07.2016 02:00:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app...

8.1

CVE-2016-5386

  • EPSS 81.56%
  • Veröffentlicht 19.07.2016 02:00:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which mi...

8.1

CVE-2016-5385

  • EPSS 85.2%
  • Veröffentlicht 19.07.2016 02:00:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attacker...

5.5

CVE-2015-8808

  • EPSS 0.29%
  • Veröffentlicht 13.07.2016 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

5.5

CVE-2015-3192

  • EPSS 1.08%
  • Veröffentlicht 12.07.2016 19:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) vi...