Fedoraproject

Fedora

5326 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2014-0190

  • EPSS 1.08%
  • Veröffentlicht 08.05.2014 14:29:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.

4.3

CVE-2014-0198

  • EPSS 30.89%
  • Veröffentlicht 06.05.2014 10:44:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL...

4.3

CVE-2010-5109

  • EPSS 1.24%
  • Veröffentlicht 05.05.2014 17:06:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.

6.1

CVE-2014-1530

  • EPSS 0.87%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-si...

9.3

CVE-2014-1531

Exploit
  • EPSS 5.09%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co...

9.8

CVE-2014-1532

Exploit
  • EPSS 4.89%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute a...

9.3

CVE-2014-1518

Exploit
  • EPSS 2.82%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and app...

9.3

CVE-2014-1519

Exploit
  • EPSS 1.92%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u...

6.9

CVE-2014-1520

Exploit
  • EPSS 0.04%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an uns...

9.3

CVE-2014-1522

Exploit
  • EPSS 0.67%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, mem...