Fedoraproject

Fedora

5353 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
  • EPSS 0.71%
  • Published 17.01.2023 10:15:11
  • Last modified 04.04.2025 16:15:16

ruby-git versions prior to v1.13.0 allow a remote authenticated attacker to execute arbitrary Ruby code by having a user load a repository containing a specially crafted filename into the product. This vulnerability is different from CVE-2022-46...

  • EPSS 0.6%
  • Published 17.01.2023 10:15:11
  • Last modified 03.04.2025 16:15:31

An open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having the user access a specially crafted URL.

Exploit
  • EPSS 0.4%
  • Published 14.01.2023 01:15:15
  • Last modified 07.04.2025 19:15:52

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.

Exploit
  • EPSS 0.02%
  • Published 12.01.2023 19:15:24
  • Last modified 11.04.2025 12:27:55

A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in the p_tmt.cpp file. The flaw allows an attacker to cause a denial of service (abort) via a crafted file.

Exploit
  • EPSS 0.03%
  • Published 12.01.2023 19:15:24
  • Last modified 11.04.2025 12:27:55

A segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. A crafted input file allows an attacker to trigger an invalid memory address access that could lead to a denial of service.

  • EPSS 0.73%
  • Published 12.01.2023 15:15:10
  • Last modified 21.11.2024 07:19:30

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow ...

  • EPSS 0.83%
  • Published 12.01.2023 15:15:10
  • Last modified 08.04.2025 16:15:23

A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via...

Exploit
  • EPSS 0.05%
  • Published 12.01.2023 06:15:08
  • Last modified 08.04.2025 16:15:24

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., w...

  • EPSS 0.25%
  • Published 11.01.2023 01:15:10
  • Last modified 07.04.2025 19:15:51

In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.

  • EPSS 0.61%
  • Published 10.01.2023 22:15:14
  • Last modified 08.04.2025 19:15:46

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial