Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.2%
  • Veröffentlicht 27.03.2023 21:15:09
  • Zuletzt bearbeitet 24.02.2025 20:15:31

A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlike...

  • EPSS 0.7%
  • Veröffentlicht 24.03.2023 04:15:55
  • Zuletzt bearbeitet 19.02.2025 22:15:16

Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then...

  • EPSS 1.17%
  • Veröffentlicht 23.03.2023 21:15:20
  • Zuletzt bearbeitet 21.11.2024 07:54:51

The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).

  • EPSS 0.74%
  • Veröffentlicht 23.03.2023 21:15:20
  • Zuletzt bearbeitet 21.11.2024 07:54:52

Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.

  • EPSS 1.83%
  • Veröffentlicht 23.03.2023 21:15:19
  • Zuletzt bearbeitet 25.02.2025 20:15:31

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impac...

  • EPSS 0.23%
  • Veröffentlicht 23.03.2023 21:15:19
  • Zuletzt bearbeitet 25.02.2025 20:15:32

A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.

Exploit
  • EPSS 0.87%
  • Veröffentlicht 23.03.2023 20:15:14
  • Zuletzt bearbeitet 21.11.2024 07:38:50

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many...

  • EPSS 0.31%
  • Veröffentlicht 23.03.2023 20:15:14
  • Zuletzt bearbeitet 03.11.2025 20:15:59

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially ...

  • EPSS 0.73%
  • Veröffentlicht 22.03.2023 21:15:18
  • Zuletzt bearbeitet 21.11.2024 07:55:04

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special ...

  • EPSS 0.77%
  • Veröffentlicht 21.03.2023 21:15:12
  • Zuletzt bearbeitet 21.11.2024 07:39:22

Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)