Fedoraproject

Fedora

5355 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2014-8504

Exploit
  • EPSS 4.32%
  • Veröffentlicht 09.12.2014 23:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

7.5

CVE-2014-8503

Exploit
  • EPSS 7.38%
  • Veröffentlicht 09.12.2014 23:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.

7.5

CVE-2014-8502

Exploit
  • EPSS 6.16%
  • Veröffentlicht 09.12.2014 23:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE ...

7.5

CVE-2014-8501

Exploit
  • EPSS 5.88%
  • Veröffentlicht 09.12.2014 23:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in ...

7.5

CVE-2014-8485

Medienbericht Exploit
  • EPSS 3.54%
  • Veröffentlicht 09.12.2014 23:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.

5

CVE-2014-8484

  • EPSS 2.02%
  • Veröffentlicht 09.12.2014 23:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.

7.5

CVE-2014-8990

Exploit
  • EPSS 4.31%
  • Veröffentlicht 05.12.2014 16:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.

7.5

CVE-2014-9220

  • EPSS 0.44%
  • Veröffentlicht 03.12.2014 01:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.

7.5

CVE-2014-9093

  • EPSS 3.27%
  • Veröffentlicht 26.11.2014 15:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.

6.1

CVE-2010-5312

Exploit
  • EPSS 5.93%
  • Veröffentlicht 24.11.2014 16:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.