Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-3079

Warnung Exploit
  • EPSS 1.25%
  • Veröffentlicht 05.06.2023 22:15:12
  • Zuletzt bearbeitet 24.10.2025 14:07:38

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

5.3

CVE-2023-34410

  • EPSS 0.11%
  • Veröffentlicht 05.06.2023 03:15:09
  • Zuletzt bearbeitet 20.03.2025 21:30:54

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.

5.5

CVE-2023-34151

Exploit
  • EPSS 0.08%
  • Veröffentlicht 30.05.2023 22:15:11
  • Zuletzt bearbeitet 02.12.2024 14:34:36

A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).

9.8

CVE-2023-34152

Exploit
  • EPSS 72.24%
  • Veröffentlicht 30.05.2023 22:15:11
  • Zuletzt bearbeitet 13.01.2025 19:15:10

A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.

7.8

CVE-2023-34153

Exploit
  • EPSS 0.85%
  • Veröffentlicht 30.05.2023 22:15:11
  • Zuletzt bearbeitet 10.01.2025 21:15:12

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.

5.9

CVE-2023-28321

Exploit
  • EPSS 0.3%
  • Veröffentlicht 26.05.2023 21:15:16
  • Zuletzt bearbeitet 15.01.2025 16:15:26

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function...

3.7

CVE-2023-28322

Exploit
  • EPSS 0.5%
  • Veröffentlicht 26.05.2023 21:15:16
  • Zuletzt bearbeitet 21.11.2024 07:54:50

An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if ...

6.1

CVE-2023-32681

  • EPSS 6.28%
  • Veröffentlicht 26.05.2023 18:15:14
  • Zuletzt bearbeitet 13.02.2025 17:16:32

Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorizatio...

7.8

CVE-2023-22970

  • EPSS 0.75%
  • Veröffentlicht 26.05.2023 18:15:13
  • Zuletzt bearbeitet 15.01.2025 17:15:11

Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file.

6.5

CVE-2023-2283

  • EPSS 0.21%
  • Veröffentlicht 26.05.2023 18:15:13
  • Zuletzt bearbeitet 03.11.2025 21:15:57

A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory...