Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-38559

  • EPSS 0.02%
  • Veröffentlicht 01.08.2023 17:15:09
  • Zuletzt bearbeitet 21.11.2024 08:13:49

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.

7.8

CVE-2023-4004

  • EPSS 0.02%
  • Veröffentlicht 31.07.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:34:12

A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate...

4.3

CVE-2022-4917

Exploit
  • EPSS 0.12%
  • Veröffentlicht 29.07.2023 00:15:11
  • Zuletzt bearbeitet 21.11.2024 07:36:14

Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page. (Chromium security severity: Low)

6.5

CVE-2022-4926

Exploit
  • EPSS 0.05%
  • Veröffentlicht 29.07.2023 00:15:11
  • Zuletzt bearbeitet 21.11.2024 07:36:15

Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2022-4907

Exploit
  • EPSS 1.45%
  • Veröffentlicht 29.07.2023 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:36:13

Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

9.8

CVE-2023-37920

  • EPSS 0.11%
  • Veröffentlicht 25.07.2023 21:15:10
  • Zuletzt bearbeitet 13.02.2025 13:50:15

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certific...

4.4

CVE-2023-3772

  • EPSS 0.01%
  • Veröffentlicht 25.07.2023 16:15:11
  • Zuletzt bearbeitet 21.11.2024 08:18:01

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possibl...

4.4

CVE-2023-3773

  • EPSS 0.02%
  • Veröffentlicht 25.07.2023 16:15:11
  • Zuletzt bearbeitet 21.11.2024 08:18:01

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attrib...

7.5

CVE-2023-38200

  • EPSS 0.53%
  • Veröffentlicht 24.07.2023 16:15:12
  • Zuletzt bearbeitet 21.11.2024 08:13:04

A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.

7.8

CVE-2023-1386

  • EPSS 0.02%
  • Veröffentlicht 24.07.2023 16:15:11
  • Zuletzt bearbeitet 21.11.2024 07:39:05

A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this...