Fedoraproject

Fedora

5355 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-5496

Exploit
  • EPSS 0.88%
  • Veröffentlicht 30.05.2024 23:15:48
  • Zuletzt bearbeitet 26.12.2024 16:43:17

Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-5497

Exploit
  • EPSS 0.72%
  • Veröffentlicht 30.05.2024 23:15:48
  • Zuletzt bearbeitet 26.12.2024 16:43:33

Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security sev...

8.8

CVE-2024-5498

Exploit
  • EPSS 0.1%
  • Veröffentlicht 30.05.2024 23:15:48
  • Zuletzt bearbeitet 26.12.2024 16:43:44

Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-5499

Exploit
  • EPSS 1.31%
  • Veröffentlicht 30.05.2024 23:15:48
  • Zuletzt bearbeitet 26.12.2024 16:07:06

Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

6.5

CVE-2024-32760

  • EPSS 0.48%
  • Veröffentlicht 29.05.2024 16:15:10
  • Zuletzt bearbeitet 24.01.2025 16:21:55

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.

5.3

CVE-2024-34161

  • EPSS 0.72%
  • Veröffentlicht 29.05.2024 16:15:10
  • Zuletzt bearbeitet 24.01.2025 16:20:57

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to...

5.3

CVE-2024-35200

  • EPSS 0.43%
  • Veröffentlicht 29.05.2024 16:15:10
  • Zuletzt bearbeitet 24.01.2025 16:15:15

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.

4.8

CVE-2024-31079

  • EPSS 0.48%
  • Veröffentlicht 29.05.2024 16:15:09
  • Zuletzt bearbeitet 24.01.2025 16:01:04

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the...

9.6

CVE-2024-5274

Warnung Exploit
  • EPSS 6.64%
  • Veröffentlicht 28.05.2024 15:15:10
  • Zuletzt bearbeitet 24.10.2025 14:07:01

Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2024-5159

Exploit
  • EPSS 0.39%
  • Veröffentlicht 22.05.2024 16:15:11
  • Zuletzt bearbeitet 19.12.2024 19:55:52

Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)