Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-1906

Exploit
  • EPSS 0.03%
  • Veröffentlicht 12.04.2023 22:15:11
  • Zuletzt bearbeitet 10.02.2025 17:15:15

A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an app...

6.5

CVE-2023-1993

Exploit
  • EPSS 0.26%
  • Veröffentlicht 12.04.2023 21:15:16
  • Zuletzt bearbeitet 03.11.2025 22:16:04

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

7.5

CVE-2023-1992

Exploit
  • EPSS 0.28%
  • Veröffentlicht 12.04.2023 21:15:15
  • Zuletzt bearbeitet 03.11.2025 22:16:03

RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

6.5

CVE-2023-0004

  • EPSS 0.97%
  • Veröffentlicht 12.04.2023 17:15:07
  • Zuletzt bearbeitet 21.11.2024 07:36:22

A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the ...

8.8

CVE-2023-1810

  • EPSS 0.94%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:56

Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-1811

  • EPSS 0.66%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:56

Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-1812

  • EPSS 0.83%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:57

Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

6.5

CVE-2023-1813

  • EPSS 0.05%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:57

Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medi...

6.5

CVE-2023-1814

  • EPSS 0.08%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:57

Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2023-1815

  • EPSS 0.66%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:57

Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...