Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-25652

  • EPSS 2.64%
  • Veröffentlicht 25.04.2023 20:15:09
  • Zuletzt bearbeitet 04.11.2025 17:15:35

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwri...

2.2

CVE-2023-25815

  • EPSS 0.09%
  • Veröffentlicht 25.04.2023 20:15:09
  • Zuletzt bearbeitet 04.11.2025 17:15:35

In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, th...

7.8

CVE-2022-42335

  • EPSS 0.06%
  • Veröffentlicht 25.04.2023 13:15:09
  • Zuletzt bearbeitet 21.11.2024 07:24:46

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the...

6.5

CVE-2023-29530

  • EPSS 0.18%
  • Veröffentlicht 24.04.2023 20:15:08
  • Zuletzt bearbeitet 21.11.2024 07:57:14

Laminas Diactoros provides PSR HTTP Message implementations. In versions 2.18.0 and prior, 2.19.0, 2.20.0, 2.21.0, 2.22.0, 2.23.0, 2.24.0, and 2.25.0, users who create HTTP requests or responses using laminas/laminas-diactoros, when providing a newli...

5.5

CVE-2023-31084

  • EPSS 0.01%
  • Veröffentlicht 24.04.2023 06:15:07
  • Zuletzt bearbeitet 18.03.2025 20:15:19

An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test...

6.7

CVE-2023-2194

  • EPSS 0.02%
  • Veröffentlicht 20.04.2023 21:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:29

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of ...

8.8

CVE-2023-2133

  • EPSS 0.66%
  • Veröffentlicht 19.04.2023 04:15:31
  • Zuletzt bearbeitet 21.11.2024 07:57:59

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-2134

  • EPSS 0.66%
  • Veröffentlicht 19.04.2023 04:15:31
  • Zuletzt bearbeitet 21.11.2024 07:57:59

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2023-2135

  • EPSS 0.49%
  • Veröffentlicht 19.04.2023 04:15:31
  • Zuletzt bearbeitet 21.11.2024 07:57:59

Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.6

CVE-2023-2136

Warnung
  • EPSS 0.63%
  • Veröffentlicht 19.04.2023 04:15:31
  • Zuletzt bearbeitet 24.10.2025 14:07:43

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)