Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2023-4155

  • EPSS 0.01%
  • Veröffentlicht 13.09.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:34:30

A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an...

6.5

CVE-2023-3255

  • EPSS 0.13%
  • Veröffentlicht 13.09.2023 17:15:09
  • Zuletzt bearbeitet 21.11.2024 08:16:48

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remot...

5.9

CVE-2023-4813

  • EPSS 0.3%
  • Veröffentlicht 12.09.2023 22:15:08
  • Zuletzt bearbeitet 26.09.2025 12:15:34

A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database...

4.3

CVE-2023-4908

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:36:14

Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)

4.3

CVE-2023-4909

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:36:14

Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

4.3

CVE-2023-4900

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4901

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4902

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4903

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4904

  • EPSS 0.07%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium)