Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.21%
  • Veröffentlicht 04.10.2023 17:15:10
  • Zuletzt bearbeitet 03.11.2025 22:16:27

urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to spe...

Warnung Exploit
  • EPSS 81.42%
  • Veröffentlicht 03.10.2023 18:15:10
  • Zuletzt bearbeitet 12.05.2026 16:24:45

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launch...

  • EPSS 0.47%
  • Veröffentlicht 03.10.2023 03:15:09
  • Zuletzt bearbeitet 20.03.2025 16:59:45

A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which ...

Exploit
  • EPSS 1.19%
  • Veröffentlicht 02.10.2023 20:15:10
  • Zuletzt bearbeitet 03.11.2025 21:16:03

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.

  • EPSS 1.94%
  • Veröffentlicht 30.09.2023 20:15:10
  • Zuletzt bearbeitet 21.11.2024 08:25:59

VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.

  • EPSS 1.39%
  • Veröffentlicht 29.09.2023 20:15:09
  • Zuletzt bearbeitet 23.04.2025 17:31:40

Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has `register_argc_...

  • EPSS 0.96%
  • Veröffentlicht 28.09.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 08:41:15

Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: H...

  • EPSS 0.83%
  • Veröffentlicht 28.09.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 08:41:15

Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Warnung Exploit
  • EPSS 49.01%
  • Veröffentlicht 28.09.2023 16:15:10
  • Zuletzt bearbeitet 24.10.2025 14:07:24

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Exploit
  • EPSS 0.28%
  • Veröffentlicht 28.09.2023 14:15:21
  • Zuletzt bearbeitet 21.11.2024 08:23:06

A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash...