Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-36824

  • EPSS 90.84%
  • Veröffentlicht 11.07.2023 17:15:13
  • Zuletzt bearbeitet 10.04.2025 20:54:22

Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and ...

7.5

CVE-2023-3354

  • EPSS 0.07%
  • Veröffentlicht 11.07.2023 17:15:13
  • Zuletzt bearbeitet 21.11.2024 08:17:05

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection hap...

7.8

CVE-2023-3269

  • EPSS 0.22%
  • Veröffentlicht 11.07.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:16:52

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to exec...

5.3

CVE-2023-1672

Exploit
  • EPSS 0.03%
  • Veröffentlicht 11.07.2023 12:15:09
  • Zuletzt bearbeitet 21.11.2024 07:39:39

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

7.8

CVE-2023-34432

Exploit
  • EPSS 0.05%
  • Veröffentlicht 10.07.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 08:07:13

A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.

5.5

CVE-2023-26590

  • EPSS 0.04%
  • Veröffentlicht 10.07.2023 18:15:10
  • Zuletzt bearbeitet 27.06.2025 18:51:27

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

5.5

CVE-2023-32627

  • EPSS 0.06%
  • Veröffentlicht 10.07.2023 18:15:10
  • Zuletzt bearbeitet 27.06.2025 18:51:27

A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.

7.8

CVE-2023-34318

  • EPSS 0.04%
  • Veröffentlicht 10.07.2023 18:15:10
  • Zuletzt bearbeitet 27.06.2025 18:51:27

A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

5.5

CVE-2023-1183

  • EPSS 4.98%
  • Veröffentlicht 10.07.2023 16:15:48
  • Zuletzt bearbeitet 21.11.2024 07:38:37

A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

8.2

CVE-2023-35934

  • EPSS 0.51%
  • Veröffentlicht 06.07.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:09:00

yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragme...