Fedoraproject

Fedora

5326 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-4853

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.05.2024 15:45:18
  • Zuletzt bearbeitet 03.11.2025 23:16:38

Memory handling issue in editcap could cause denial of service via crafted capture file

7.5

CVE-2024-4854

  • EPSS 0.24%
  • Veröffentlicht 14.05.2024 15:45:18
  • Zuletzt bearbeitet 03.11.2025 23:16:38

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file

9.6

CVE-2024-4671

Warnung
  • EPSS 0.2%
  • Veröffentlicht 14.05.2024 15:44:15
  • Zuletzt bearbeitet 24.10.2025 14:07:21

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.1

CVE-2024-34340

Exploit
  • EPSS 0.88%
  • Veröffentlicht 14.05.2024 15:38:39
  • Zuletzt bearbeitet 04.11.2025 17:15:53

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, Cacti calls `compat_password_hash` when users set their password. `compat_password_hash` use `password_hash` if there is it, else use `md5`. When verify...

7.2

CVE-2024-31459

Exploit
  • EPSS 3.1%
  • Veröffentlicht 14.05.2024 15:25:26
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. The...

8.8

CVE-2024-31460

Exploit
  • EPSS 1.84%
  • Veröffentlicht 14.05.2024 15:25:26
  • Zuletzt bearbeitet 04.11.2025 17:15:51

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_node...

8

CVE-2024-31458

Exploit
  • EPSS 6.02%
  • Veröffentlicht 14.05.2024 15:25:25
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `form_save()` function in `graph_template_inputs.php` is not thoroughly checked and is used to concatenate the SQL statement ...

8.8

CVE-2024-31445

Exploit
  • EPSS 52.19%
  • Veröffentlicht 14.05.2024 15:25:21
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL inject...

5.4

CVE-2024-31443

Exploit
  • EPSS 0.64%
  • Veröffentlicht 14.05.2024 15:25:20
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_p...

5.4

CVE-2024-31444

Exploit
  • EPSS 9.4%
  • Veröffentlicht 14.05.2024 15:25:20
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concaten...