Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 36.97%
  • Veröffentlicht 26.04.2016 14:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflo...

  • EPSS 5.97%
  • Veröffentlicht 19.04.2016 21:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

  • EPSS 4.61%
  • Veröffentlicht 19.04.2016 21:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

  • EPSS 5.52%
  • Veröffentlicht 19.04.2016 21:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which tri...

  • EPSS 5.51%
  • Veröffentlicht 19.04.2016 21:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) ...

  • EPSS 0.46%
  • Veröffentlicht 19.04.2016 14:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.

  • EPSS 2.56%
  • Veröffentlicht 18.04.2016 14:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.

  • EPSS 3.56%
  • Veröffentlicht 18.04.2016 14:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file.

  • EPSS 1.12%
  • Veröffentlicht 15.04.2016 15:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.

  • EPSS 3.4%
  • Veröffentlicht 15.04.2016 14:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount o...