Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-2133

  • EPSS 0.94%
  • Published 19.04.2023 04:15:31
  • Last modified 21.11.2024 07:57:59

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-2134

  • EPSS 0.66%
  • Published 19.04.2023 04:15:31
  • Last modified 21.11.2024 07:57:59

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2023-2135

  • EPSS 0.49%
  • Published 19.04.2023 04:15:31
  • Last modified 21.11.2024 07:57:59

Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.6

CVE-2023-2136

Warning
  • EPSS 0.34%
  • Published 19.04.2023 04:15:31
  • Last modified 19.02.2025 19:40:21

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-2137

  • EPSS 0.35%
  • Published 19.04.2023 04:15:31
  • Last modified 21.11.2024 07:58:00

Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

5.3

CVE-2023-27043

Exploit
  • EPSS 0.11%
  • Published 19.04.2023 00:15:07
  • Last modified 19.05.2025 12:38:20

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protect...

6.5

CVE-2023-28856

  • EPSS 0.12%
  • Published 18.04.2023 21:15:09
  • Last modified 21.11.2024 07:56:10

Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versio...

4.9

CVE-2023-21962

  • EPSS 0.1%
  • Published 18.04.2023 20:15:16
  • Last modified 21.11.2024 07:43:59

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m...

4.9

CVE-2023-21945

  • EPSS 0.1%
  • Published 18.04.2023 20:15:15
  • Last modified 21.11.2024 07:43:58

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr...

6.5

CVE-2023-21946

  • EPSS 0.2%
  • Published 18.04.2023 20:15:15
  • Last modified 21.11.2024 07:43:58

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple pro...