Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-44488

  • EPSS 1.45%
  • Veröffentlicht 30.09.2023 20:15:10
  • Zuletzt bearbeitet 21.11.2024 08:25:59

VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.

8.8

CVE-2023-43655

  • EPSS 1.89%
  • Veröffentlicht 29.09.2023 20:15:09
  • Zuletzt bearbeitet 23.04.2025 17:31:40

Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has `register_argc_...

8.8

CVE-2023-5186

  • EPSS 1.22%
  • Veröffentlicht 28.09.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 08:41:15

Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: H...

8.8

CVE-2023-5187

  • EPSS 0.22%
  • Veröffentlicht 28.09.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 08:41:15

Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-5217

Warnung Exploit
  • EPSS 3.52%
  • Veröffentlicht 28.09.2023 16:15:10
  • Zuletzt bearbeitet 24.10.2025 14:07:24

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

4.7

CVE-2023-42756

Exploit
  • EPSS 0.01%
  • Veröffentlicht 28.09.2023 14:15:21
  • Zuletzt bearbeitet 21.11.2024 08:23:06

A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash...

6.5

CVE-2023-42822

  • EPSS 0.34%
  • Veröffentlicht 27.09.2023 18:15:11
  • Zuletzt bearbeitet 03.11.2025 20:16:02

xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The v...

6.5

CVE-2023-5169

  • EPSS 0.24%
  • Veröffentlicht 27.09.2023 15:19:42
  • Zuletzt bearbeitet 21.11.2024 08:41:13

A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115...

6.5

CVE-2023-5171

  • EPSS 0.26%
  • Veröffentlicht 27.09.2023 15:19:42
  • Zuletzt bearbeitet 21.11.2024 08:41:13

During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and...

7.5

CVE-2023-5157

  • EPSS 0.27%
  • Veröffentlicht 27.09.2023 15:19:41
  • Zuletzt bearbeitet 01.10.2025 15:15:41

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.