Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2024-5158

Exploit
  • EPSS 0.12%
  • Veröffentlicht 22.05.2024 16:15:10
  • Zuletzt bearbeitet 19.12.2024 19:59:03

Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

7.8

CVE-2024-35949

  • EPSS 0.01%
  • Veröffentlicht 20.05.2024 10:15:10
  • Zuletzt bearbeitet 23.12.2025 19:23:52

In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only r...

5.5

CVE-2024-35947

  • EPSS 0.02%
  • Veröffentlicht 19.05.2024 12:15:08
  • Zuletzt bearbeitet 04.04.2025 14:23:31

In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser Fix a BUG_ON from 2009. Even if it looks "unreachable" (I didn't really look), lets make sure by removing it, doing pr_err and return -EI...

9.8

CVE-2024-36048

  • EPSS 0.48%
  • Veröffentlicht 18.05.2024 21:15:47
  • Zuletzt bearbeitet 04.11.2025 22:16:01

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

6.5

CVE-2023-46842

  • EPSS 1.42%
  • Veröffentlicht 16.05.2024 14:15:08
  • Zuletzt bearbeitet 05.01.2026 19:05:51

Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set t...

7.5

CVE-2024-31142

  • EPSS 3.12%
  • Veröffentlicht 16.05.2024 14:15:08
  • Zuletzt bearbeitet 05.01.2026 19:00:27

Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, so is equally impacted. For more details,...

9.6

CVE-2024-4947

Warnung Exploit
  • EPSS 1.13%
  • Veröffentlicht 15.05.2024 21:15:09
  • Zuletzt bearbeitet 24.10.2025 14:07:06

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

6.5

CVE-2024-4948

Exploit
  • EPSS 0.33%
  • Veröffentlicht 15.05.2024 21:15:09
  • Zuletzt bearbeitet 19.12.2024 20:38:52

Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

6.5

CVE-2024-4949

Exploit
  • EPSS 0.25%
  • Veröffentlicht 15.05.2024 21:15:09
  • Zuletzt bearbeitet 19.12.2024 20:21:58

Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

6.5

CVE-2024-4950

Exploit
  • EPSS 0.09%
  • Veröffentlicht 15.05.2024 21:15:09
  • Zuletzt bearbeitet 28.03.2025 20:15:25

Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)