Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-4905

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:13

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2023-4906

  • EPSS 0.05%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:14

Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3

CVE-2023-4907

  • EPSS 0.27%
  • Veröffentlicht 12.09.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:36:14

Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

8.8

CVE-2023-4863

Warnung Exploit
  • EPSS 94.12%
  • Veröffentlicht 12.09.2023 15:15:24
  • Zuletzt bearbeitet 24.10.2025 14:07:28

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

5.5

CVE-2023-40032

  • EPSS 0.09%
  • Veröffentlicht 11.09.2023 19:15:43
  • Zuletzt bearbeitet 21.04.2025 13:45:44

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips v...

8.1

CVE-2023-41915

  • EPSS 0.95%
  • Veröffentlicht 09.09.2023 22:15:09
  • Zuletzt bearbeitet 21.11.2024 08:21:54

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.

4.8

CVE-2023-39511

Exploit
  • EPSS 0.51%
  • Veröffentlicht 06.09.2023 18:15:08
  • Zuletzt bearbeitet 10.04.2025 20:43:41

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. Thes...

6.3

CVE-2023-39365

Exploit
  • EPSS 0.17%
  • Veröffentlicht 05.09.2023 22:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:52

Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has bee...

4.8

CVE-2023-39516

Exploit
  • EPSS 0.26%
  • Veröffentlicht 05.09.2023 22:15:09
  • Zuletzt bearbeitet 10.04.2025 20:51:38

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. Thes...

8.1

CVE-2023-4761

  • EPSS 0.37%
  • Veröffentlicht 05.09.2023 22:15:09
  • Zuletzt bearbeitet 21.11.2024 08:35:55

Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)