Filtered by vendor Fedoraproject
Subscriptions
Total
5319 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-3116 | 2 Fedoraproject, Pgadmin | 2 Fedora, Pgadmin | 2025-02-13 | 7.4 High |
| pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the underlying data. | ||||
| CVE-2024-35242 | 2 Fedoraproject, Getcomposer | 2 Fedora, Composer | 2025-02-13 | 8.8 High |
| Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `composer install` command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories. Patches are available in version 2.2.24 for 2.2 LTS or 2.7.7 for mainline. As a workaround, avoid cloning potentially compromised repositories. | ||||
| CVE-2024-35241 | 2 Fedoraproject, Getcomposer | 2 Fedora, Composer | 2025-02-13 | 8.8 High |
| Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `status`, `reinstall` and `remove` commands with packages installed from source via git containing specially crafted branch names in the repository can be used to execute code. Patches for this issue are available in version 2.2.24 for 2.2 LTS or 2.7.7 for mainline. As a workaround, avoid installing dependencies via git by using `--prefer-dist` or the `preferred-install: dist` config setting. | ||||
| CVE-2024-30260 | 3 Fedoraproject, Nodejs, Redhat | 3 Fedora, Undici, Openshift Devspaces | 2025-02-13 | 3.9 Low |
| Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1. | ||||
| CVE-2024-27319 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Onnx | 2025-02-13 | 4.4 Medium |
| Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy. | ||||
| CVE-2024-27318 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Onnx | 2025-02-13 | 7.5 High |
| Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch added for CVE-2022-25882. | ||||
| CVE-2024-1580 | 3 Apple, Fedoraproject, Videolan | 7 Ipados, Iphone Os, Macos and 4 more | 2025-02-13 | 5.9 Medium |
| An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d. | ||||
| CVE-2024-1086 | 5 Debian, Fedoraproject, Linux and 2 more | 23 Debian Linux, Fedora, Linux Kernel and 20 more | 2025-02-13 | 7.8 High |
| A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | ||||
| CVE-2023-7101 | 3 Debian, Fedoraproject, Jmcnamara | 3 Debian Linux, Fedora, Spreadsheet\ | 2025-02-13 | 7.8 High |
| Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic. | ||||
| CVE-2023-6879 | 2 Aomedia, Fedoraproject | 2 Aomedia, Fedora | 2025-02-13 | 9 Critical |
| Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc(). | ||||
| CVE-2023-6186 | 4 Debian, Fedoraproject, Libreoffice and 1 more | 8 Debian Linux, Fedora, Libreoffice and 5 more | 2025-02-13 | 8.3 High |
| Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user. | ||||
| CVE-2023-6185 | 4 Debian, Fedoraproject, Libreoffice and 1 more | 8 Debian Linux, Fedora, Libreoffice and 5 more | 2025-02-13 | 8.3 High |
| Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to run arbitrary gstreamer plugins depending on what plugins are installed on the target system. | ||||
| CVE-2023-5631 | 3 Debian, Fedoraproject, Roundcube | 3 Debian Linux, Fedora, Webmail | 2025-02-13 | 6.1 Medium |
| Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code. | ||||
| CVE-2023-4504 | 3 Debian, Fedoraproject, Openprinting | 4 Debian Linux, Fedora, Cups and 1 more | 2025-02-13 | 7.0 High |
| Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023. | ||||
| CVE-2023-46838 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2025-02-13 | 7.5 High |
| Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are directly translated into what Linux calls SKB fragments. Such converted request parts can, when for a particular SKB they are all of length zero, lead to a de-reference of NULL in core networking code. | ||||
| CVE-2023-46219 | 3 Fedoraproject, Haxx, Redhat | 3 Fedora, Curl, Jboss Core Services | 2025-02-13 | 5.3 Medium |
| When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. | ||||
| CVE-2023-46218 | 3 Fedoraproject, Haxx, Redhat | 7 Fedora, Curl, Enterprise Linux and 4 more | 2025-02-13 | 6.5 Medium |
| This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. | ||||
| CVE-2023-45803 | 3 Fedoraproject, Python, Redhat | 8 Fedora, Urllib3, Enterprise Linux and 5 more | 2025-02-13 | 4.2 Medium |
| urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) to `GET` as is required by HTTP RFCs. Although this behavior is not specified in the section for redirects, it can be inferred by piecing together information from different sections and we have observed the behavior in other major HTTP client implementations like curl and web browsers. Because the vulnerability requires a previously trusted service to become compromised in order to have an impact on confidentiality we believe the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies, if this is the case then this vulnerability isn't exploitable. Both of the following conditions must be true to be affected by this vulnerability: 1. Using urllib3 and submitting sensitive information in the HTTP request body (such as form data or JSON) and 2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised. This issue has been addressed in versions 1.26.18 and 2.0.7 and users are advised to update to resolve this issue. Users unable to update should disable redirects for services that aren't expecting to respond with redirects with `redirects=False` and disable automatic redirects with `redirects=False` and handle 301, 302, and 303 redirects manually by stripping the HTTP request body. | ||||
| CVE-2024-6293 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2025-02-13 | 7.5 High |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-6292 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2025-02-13 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||