Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2014-3152

  • EPSS 3.2%
  • Veröffentlicht 21.05.2014 11:14:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspeci...

4

CVE-2014-1682

  • EPSS 0.25%
  • Veröffentlicht 08.05.2014 14:29:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.

5.5

CVE-2014-1685

  • EPSS 0.39%
  • Veröffentlicht 08.05.2014 14:29:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors.

4.3

CVE-2014-0190

  • EPSS 2.8%
  • Veröffentlicht 08.05.2014 14:29:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.

4.3

CVE-2014-0198

  • EPSS 30.89%
  • Veröffentlicht 06.05.2014 10:44:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL...

4.3

CVE-2010-5109

  • EPSS 1.24%
  • Veröffentlicht 05.05.2014 17:06:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.

6.1

CVE-2014-1530

  • EPSS 0.87%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-si...

9.3

CVE-2014-1531

Exploit
  • EPSS 5.09%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co...

9.8

CVE-2014-1532

Exploit
  • EPSS 4.89%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute a...

9.3

CVE-2014-1518

Exploit
  • EPSS 2.82%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and app...