Fedoraproject

Fedora

5326 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-34506

Exploit
  • EPSS 0.17%
  • Veröffentlicht 05.05.2024 19:15:07
  • Zuletzt bearbeitet 04.11.2025 18:16:22

An issue was discovered in includes/specials/SpecialMovePage.php in MediaWiki before 1.39.7, 1.40.x before 1.40.3, and 1.41.x before 1.41.1. If a user with the necessary rights to move the page opens Special:MovePage for a page with tens of thousands...

7.4

CVE-2024-34507

Exploit
  • EPSS 0.44%
  • Veröffentlicht 05.05.2024 19:15:07
  • Zuletzt bearbeitet 04.11.2025 18:16:22

An issue was discovered in includes/CommentFormatter/CommentParser.php in MediaWiki before 1.39.7, 1.40.x before 1.40.3, and 1.41.x before 1.41.1. XSS can occur because of mishandling of the 0x1b character, as demonstrated by Special:RecentChanges#%1...

8.6

CVE-2024-34402

  • EPSS 0.46%
  • Veröffentlicht 03.05.2024 01:15:48
  • Zuletzt bearbeitet 04.11.2025 18:16:21

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.

5.9

CVE-2024-34403

  • EPSS 0.35%
  • Veröffentlicht 03.05.2024 01:15:48
  • Zuletzt bearbeitet 04.11.2025 18:16:21

An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.

7.5

CVE-2024-4140

  • EPSS 0.37%
  • Veröffentlicht 02.05.2024 20:15:07
  • Zuletzt bearbeitet 26.08.2025 17:21:28

An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set (from 2020 and 2024) limits excessive depth and the total number of parts.

8.8

CVE-2024-4215

  • EPSS 0.03%
  • Veröffentlicht 02.05.2024 18:15:07
  • Zuletzt bearbeitet 19.09.2025 13:37:32

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password may authenticate to the application and perform sensitive actions w...

5.4

CVE-2024-4216

Exploit
  • EPSS 0.21%
  • Veröffentlicht 02.05.2024 18:15:07
  • Zuletzt bearbeitet 19.09.2025 13:27:28

pgAdmin <= 8.5 is affected by XSS vulnerability in /settings/store API response json payload. This vulnerability allows attackers to execute malicious script at the client end.

9.8

CVE-2023-47212

Exploit
  • EPSS 0.27%
  • Veröffentlicht 01.05.2024 16:15:07
  • Zuletzt bearbeitet 04.11.2025 18:15:42

A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

8.8

CVE-2024-4058

  • EPSS 8.83%
  • Veröffentlicht 01.05.2024 13:15:52
  • Zuletzt bearbeitet 04.11.2025 18:16:41

Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

6.5

CVE-2024-4059

Exploit
  • EPSS 0.12%
  • Veröffentlicht 01.05.2024 13:15:52
  • Zuletzt bearbeitet 04.11.2025 18:16:41

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. (Chromium security severity: High)