CVE-2023-5171
- EPSS 0.32%
- Published 27.09.2023 15:19:42
- Last modified 21.11.2024 08:41:13
During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and...
CVE-2023-5157
- EPSS 0.27%
- Published 27.09.2023 15:19:41
- Last modified 01.10.2025 15:15:41
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.
CVE-2023-42453
- EPSS 0.23%
- Published 27.09.2023 15:19:32
- Last modified 21.11.2024 08:22:33
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but s...
CVE-2023-41335
- EPSS 0.14%
- Published 27.09.2023 15:19:30
- Last modified 21.11.2024 08:21:06
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabili...
CVE-2023-41074
- EPSS 1.12%
- Published 27.09.2023 15:19:26
- Last modified 21.11.2024 08:20:30
The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
CVE-2023-35074
- EPSS 0.6%
- Published 27.09.2023 15:18:52
- Last modified 05.05.2025 16:15:40
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
CVE-2022-4318
- EPSS 0.04%
- Published 25.09.2023 20:15:10
- Last modified 21.11.2024 07:35:01
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.
CVE-2023-4156
- EPSS 0.03%
- Published 25.09.2023 18:15:11
- Last modified 21.11.2024 08:34:30
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.
CVE-2023-42811
- EPSS 0.02%
- Published 22.09.2023 16:15:10
- Last modified 21.11.2024 08:23:15
aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decrypt_in_place_detached, the decrypted ciphertext (i.e. the correct plaintext) is exposed even if tag ver...
CVE-2023-5002
- EPSS 21.84%
- Published 22.09.2023 14:15:47
- Last modified 17.03.2025 16:43:52
A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server ...