Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-1531

  • EPSS 0.43%
  • Veröffentlicht 21.03.2023 21:15:12
  • Zuletzt bearbeitet 21.11.2024 07:39:22

Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-1532

  • EPSS 0.47%
  • Veröffentlicht 21.03.2023 21:15:12
  • Zuletzt bearbeitet 21.11.2024 07:39:22

Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-1533

  • EPSS 0.33%
  • Veröffentlicht 21.03.2023 21:15:12
  • Zuletzt bearbeitet 21.11.2024 07:39:23

Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-1534

  • EPSS 0.32%
  • Veröffentlicht 21.03.2023 21:15:12
  • Zuletzt bearbeitet 21.11.2024 07:39:23

Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.6

CVE-2022-42333

  • EPSS 0.4%
  • Veröffentlicht 21.03.2023 13:15:12
  • Zuletzt bearbeitet 21.11.2024 07:24:46

x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an ...

6.5

CVE-2022-42334

  • EPSS 0.05%
  • Veröffentlicht 21.03.2023 13:15:12
  • Zuletzt bearbeitet 21.11.2024 07:24:46

x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an ...

5.5

CVE-2022-42331

  • EPSS 0.04%
  • Veröffentlicht 21.03.2023 13:15:11
  • Zuletzt bearbeitet 21.11.2024 07:24:46

x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RE...

7.8

CVE-2022-42332

  • EPSS 0.04%
  • Veröffentlicht 21.03.2023 13:15:11
  • Zuletzt bearbeitet 21.11.2024 07:24:46

x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory...

5.5

CVE-2023-1264

Exploit
  • EPSS 0.03%
  • Veröffentlicht 07.03.2023 22:15:10
  • Zuletzt bearbeitet 21.11.2024 07:38:47

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.

8.6

CVE-2022-4904

Medienbericht Exploit
  • EPSS 0.13%
  • Veröffentlicht 06.03.2023 23:15:11
  • Zuletzt bearbeitet 02.12.2025 21:15:50

A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confident...