Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.49%
  • Veröffentlicht 30.03.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:17

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket ...

  • EPSS 4.83%
  • Veröffentlicht 22.02.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:08

The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr...

  • EPSS 6.66%
  • Veröffentlicht 02.02.2009 19:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:55

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL p...

Exploit
  • EPSS 0.62%
  • Veröffentlicht 28.01.2009 11:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:44

Untrusted search path vulnerability in the Python module in gedit allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

  • EPSS 0.51%
  • Veröffentlicht 28.01.2009 02:30:00
  • Zuletzt bearbeitet 16.06.2026 23:01:21

Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local us...

  • EPSS 3.63%
  • Veröffentlicht 13.11.2008 11:30:01
  • Zuletzt bearbeitet 16.06.2026 22:58:58

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying pr...

  • EPSS 1.88%
  • Veröffentlicht 13.11.2008 01:00:01
  • Zuletzt bearbeitet 16.06.2026 22:58:53

The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers t...

  • EPSS 2.33%
  • Veröffentlicht 15.10.2008 20:08:02
  • Zuletzt bearbeitet 16.06.2026 22:58:06

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.

  • EPSS 2.41%
  • Veröffentlicht 11.09.2008 01:13:47
  • Zuletzt bearbeitet 16.06.2026 22:56:55

Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because ...

  • EPSS 10.76%
  • Veröffentlicht 29.08.2008 18:41:00
  • Zuletzt bearbeitet 16.06.2026 22:55:32

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly exec...