Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.57%
  • Veröffentlicht 22.03.2012 16:55:01
  • Zuletzt bearbeitet 16.06.2026 23:32:30

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly exe...

Exploit
  • EPSS 95.1%
  • Veröffentlicht 25.12.2011 01:55:02
  • Zuletzt bearbeitet 16.06.2026 23:35:31

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to exec...

  • EPSS 10.62%
  • Veröffentlicht 15.12.2011 03:57:34
  • Zuletzt bearbeitet 16.06.2026 23:34:58

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding st...

  • EPSS 10.62%
  • Veröffentlicht 15.12.2011 03:57:34
  • Zuletzt bearbeitet 16.06.2026 23:34:58

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a deni...

  • EPSS 6.07%
  • Veröffentlicht 08.12.2011 20:55:01
  • Zuletzt bearbeitet 16.06.2026 23:34:45

Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.

Exploit
  • EPSS 12.67%
  • Veröffentlicht 17.11.2011 19:55:01
  • Zuletzt bearbeitet 16.06.2026 23:34:26

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity ref...

  • EPSS 0.42%
  • Veröffentlicht 21.07.2011 23:55:03
  • Zuletzt bearbeitet 16.06.2026 23:31:30

fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.

Exploit
  • EPSS 3.48%
  • Veröffentlicht 17.07.2011 20:55:01
  • Zuletzt bearbeitet 16.06.2026 23:31:27

The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers...

  • EPSS 3.29%
  • Veröffentlicht 17.07.2011 20:55:01
  • Zuletzt bearbeitet 16.06.2026 23:31:48

Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwr...

Exploit
  • EPSS 3.86%
  • Veröffentlicht 17.07.2011 20:55:01
  • Zuletzt bearbeitet 16.06.2026 23:31:48

The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers t...