Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.64%
  • Veröffentlicht 20.02.2016 01:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) s...

  • EPSS 2.48%
  • Veröffentlicht 20.02.2016 01:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.

  • EPSS 2.56%
  • Veröffentlicht 20.02.2016 01:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.

  • EPSS 1.48%
  • Veröffentlicht 19.02.2016 16:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings.

  • EPSS 7.16%
  • Veröffentlicht 16.02.2016 02:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted para...

  • EPSS 2.25%
  • Veröffentlicht 13.02.2016 02:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive inform...

  • EPSS 2.32%
  • Veröffentlicht 13.02.2016 02:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (mis...

Exploit
  • EPSS 8.31%
  • Veröffentlicht 13.02.2016 02:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based...

  • EPSS 4.07%
  • Veröffentlicht 13.02.2016 02:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary ...

  • EPSS 0.56%
  • Veröffentlicht 08.02.2016 03:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_v...