Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-3195

Exploit
  • EPSS 0.02%
  • Veröffentlicht 16.06.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:16:40

A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.

5.5

CVE-2023-2431

  • EPSS 0.01%
  • Veröffentlicht 16.06.2023 08:15:08
  • Zuletzt bearbeitet 12.12.2024 16:15:07

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerabili...

7.5

CVE-2023-30631

  • EPSS 0.54%
  • Veröffentlicht 14.06.2023 08:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:25

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuratio...

8.8

CVE-2023-3214

  • EPSS 1.52%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8

CVE-2023-3215

  • EPSS 19.98%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-3216

  • EPSS 0.76%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-3217

  • EPSS 16.59%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

3.9

CVE-2023-20867

Warnung
  • EPSS 2.1%
  • Veröffentlicht 13.06.2023 17:15:14
  • Zuletzt bearbeitet 28.10.2025 13:46:56

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

5.5

CVE-2023-3161

  • EPSS 0.01%
  • Veröffentlicht 12.06.2023 20:15:12
  • Zuletzt bearbeitet 11.03.2025 15:15:39

A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and...

7.2

CVE-2023-2454

  • EPSS 0.27%
  • Veröffentlicht 09.06.2023 19:15:09
  • Zuletzt bearbeitet 06.01.2025 18:15:13

schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.