Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-30631

  • EPSS 0.54%
  • Veröffentlicht 14.06.2023 08:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:25

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuratio...

8.8

CVE-2023-3214

  • EPSS 1.52%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8

CVE-2023-3215

  • EPSS 19.98%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-3216

  • EPSS 0.76%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-3217

  • EPSS 16.59%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

3.9

CVE-2023-20867

Warnung
  • EPSS 2.95%
  • Veröffentlicht 13.06.2023 17:15:14
  • Zuletzt bearbeitet 28.10.2025 13:46:56

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

5.5

CVE-2023-3161

  • EPSS 0.01%
  • Veröffentlicht 12.06.2023 20:15:12
  • Zuletzt bearbeitet 11.03.2025 15:15:39

A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and...

7.2

CVE-2023-2454

  • EPSS 0.23%
  • Veröffentlicht 09.06.2023 19:15:09
  • Zuletzt bearbeitet 06.01.2025 18:15:13

schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.

5.4

CVE-2023-2455

  • EPSS 0.21%
  • Veröffentlicht 09.06.2023 19:15:09
  • Zuletzt bearbeitet 06.01.2025 18:15:13

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other ...

5.3

CVE-2023-32732

  • EPSS 0.02%
  • Veröffentlicht 09.06.2023 11:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:32

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allo...