Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-4901

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4902

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4903

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4904

  • EPSS 0.07%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium)

4.3

CVE-2023-4905

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4906

  • EPSS 0.05%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:14

Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3

CVE-2023-4907

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:14

Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

8.8

CVE-2023-4863

Warnung Exploit
  • EPSS 93.95%
  • Veröffentlicht 12.09.2023 15:15:24
  • Zuletzt bearbeitet 13.03.2025 16:17:15

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

5.5

CVE-2023-40032

  • EPSS 0.09%
  • Veröffentlicht 11.09.2023 19:15:43
  • Zuletzt bearbeitet 21.04.2025 13:45:44

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips v...

8.1

CVE-2023-41915

  • EPSS 0.95%
  • Veröffentlicht 09.09.2023 22:15:09
  • Zuletzt bearbeitet 21.11.2024 08:21:54

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.