Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-28333

  • EPSS 0.82%
  • Veröffentlicht 23.03.2023 21:15:20
  • Zuletzt bearbeitet 21.11.2024 07:54:51

The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).

4.3

CVE-2023-28336

  • EPSS 0.24%
  • Veröffentlicht 23.03.2023 21:15:20
  • Zuletzt bearbeitet 21.11.2024 07:54:52

Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.

6.5

CVE-2023-0056

  • EPSS 0.21%
  • Veröffentlicht 23.03.2023 21:15:19
  • Zuletzt bearbeitet 25.02.2025 20:15:31

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impac...

3.3

CVE-2023-1513

  • EPSS 0.01%
  • Veröffentlicht 23.03.2023 21:15:19
  • Zuletzt bearbeitet 25.02.2025 20:15:32

A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.

5.5

CVE-2023-1289

Exploit
  • EPSS 0.13%
  • Veröffentlicht 23.03.2023 20:15:14
  • Zuletzt bearbeitet 21.11.2024 07:38:50

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many...

6.3

CVE-2023-1544

  • EPSS 0.06%
  • Veröffentlicht 23.03.2023 20:15:14
  • Zuletzt bearbeitet 03.11.2025 20:15:59

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially ...

6.1

CVE-2023-28439

  • EPSS 0.32%
  • Veröffentlicht 22.03.2023 21:15:18
  • Zuletzt bearbeitet 21.11.2024 07:55:04

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special ...

8.8

CVE-2023-1528

  • EPSS 0.41%
  • Veröffentlicht 21.03.2023 21:15:12
  • Zuletzt bearbeitet 21.11.2024 07:39:22

Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.8

CVE-2023-1529

  • EPSS 0.28%
  • Veröffentlicht 21.03.2023 21:15:12
  • Zuletzt bearbeitet 21.11.2024 07:39:22

Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)

8.8

CVE-2023-1530

  • EPSS 0.36%
  • Veröffentlicht 21.03.2023 21:15:12
  • Zuletzt bearbeitet 05.05.2025 16:15:28

Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)