Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.48%
  • Veröffentlicht 11.07.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:16:52

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to exec...

Exploit
  • EPSS 0.57%
  • Veröffentlicht 11.07.2023 12:15:09
  • Zuletzt bearbeitet 21.11.2024 07:39:39

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

Exploit
  • EPSS 0.39%
  • Veröffentlicht 10.07.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 08:07:13

A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.

  • EPSS 0.21%
  • Veröffentlicht 10.07.2023 18:15:10
  • Zuletzt bearbeitet 27.06.2025 18:51:27

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

  • EPSS 0.28%
  • Veröffentlicht 10.07.2023 18:15:10
  • Zuletzt bearbeitet 27.06.2025 18:51:27

A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.

  • EPSS 0.28%
  • Veröffentlicht 10.07.2023 18:15:10
  • Zuletzt bearbeitet 27.06.2025 18:51:27

A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

  • EPSS 64.64%
  • Veröffentlicht 10.07.2023 16:15:48
  • Zuletzt bearbeitet 21.11.2024 07:38:37

A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

  • EPSS 1.04%
  • Veröffentlicht 06.07.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:09:00

yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragme...

  • EPSS 1.51%
  • Veröffentlicht 05.07.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:07:48

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

  • EPSS 2.05%
  • Veröffentlicht 05.07.2023 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:01:42

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace