Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.01%
  • Veröffentlicht 12.05.2015 19:59:21
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.

  • EPSS 8.74%
  • Veröffentlicht 12.05.2015 19:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.

  • EPSS 7.19%
  • Veröffentlicht 12.05.2015 19:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code ...

  • EPSS 7.22%
  • Veröffentlicht 12.05.2015 19:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted B...

  • EPSS 0.79%
  • Veröffentlicht 28.04.2015 14:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

  • EPSS 7.65%
  • Veröffentlicht 28.04.2015 14:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-...

  • EPSS 17.94%
  • Veröffentlicht 24.04.2015 14:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.

  • EPSS 37.63%
  • Veröffentlicht 24.04.2015 14:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via...

  • EPSS 2.32%
  • Veröffentlicht 14.04.2015 18:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.

  • EPSS 7.8%
  • Veröffentlicht 10.04.2015 15:00:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.