CVE-2023-41175
- EPSS 0.27%
- Published 05.10.2023 19:15:11
- Last modified 04.12.2024 08:15:05
A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TIFF image, which triggers a heap-based...
CVE-2023-42754
- EPSS 0.01%
- Published 05.10.2023 19:15:11
- Last modified 21.11.2024 08:23:06
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue...
CVE-2023-5346
- EPSS 1.12%
- Published 05.10.2023 18:15:13
- Last modified 01.05.2025 20:15:35
Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-39191
- EPSS 0.01%
- Published 04.10.2023 19:15:10
- Last modified 21.11.2024 08:14:52
An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with...
CVE-2023-3428
- EPSS 0.02%
- Published 04.10.2023 19:15:10
- Last modified 21.11.2024 08:17:14
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.
CVE-2023-3576
- EPSS 0.02%
- Published 04.10.2023 19:15:10
- Last modified 21.11.2024 08:17:35
A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes this memory leak issue, resulting an a...
CVE-2023-43804
- EPSS 0.87%
- Published 04.10.2023 17:15:10
- Last modified 03.11.2025 22:16:27
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header specially or provide any helpers for managing cookies over HTTP; that is the responsibility of the user. However, it is possible for a user to spe...
CVE-2023-4911
- EPSS 63.62%
- Published 03.10.2023 18:15:10
- Last modified 13.02.2026 21:25:07
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launch...
CVE-2023-5345
- EPSS 0.03%
- Published 03.10.2023 03:15:09
- Last modified 20.03.2025 16:59:45
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which ...
CVE-2023-5344
- EPSS 0.06%
- Published 02.10.2023 20:15:10
- Last modified 03.11.2025 21:16:03
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.