Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5115 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-3156 | 9 Beyondtrust, Debian, Fedoraproject and 6 more | 38 Privilege Management For Mac, Privilege Management For Unix\/linux, Debian Linux and 35 more | 2024-09-19 | 7.8 High |
| Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. | ||||
| CVE-2023-5441 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-09-19 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. | ||||
| CVE-2023-45239 | 3 Facebook, Fedoraproject, Meta | 3 Tac Plus, Fedora, Tac Plus | 2024-09-19 | 9.8 Critical |
| A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server. | ||||
| CVE-2023-43615 | 3 Arm, Fedoraproject, Mbed | 3 Mbed Tls, Fedora, Mbedtls | 2024-09-19 | 7.5 High |
| Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | ||||
| CVE-2024-0517 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-09-18 | 8.8 High |
| Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-40548 | 2 Fedoraproject, Redhat | 7 Fedora, Enterprise Linux, Rhel Aus and 4 more | 2024-09-18 | 6.9 Medium |
| A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase. | ||||
| CVE-2023-4911 | 5 Canonical, Debian, Fedoraproject and 2 more | 19 Ubuntu Linux, Debian Linux, Fedora and 16 more | 2024-09-17 | 7.8 High |
| A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | ||||
| CVE-2023-23456 | 2 Fedoraproject, Upx Project | 2 Fedora, Upx | 2024-09-17 | 5.3 Medium |
| A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file. | ||||
| CVE-2023-5535 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-09-17 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to v9.0.2010. | ||||
| CVE-2023-31122 | 3 Apache, Fedoraproject, Redhat | 4 Http Server, Fedora, Enterprise Linux and 1 more | 2024-09-17 | 7.5 High |
| Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. | ||||
| CVE-2023-45143 | 3 Fedoraproject, Nodejs, Redhat | 3 Fedora, Undici, Enterprise Linux | 2024-09-17 | 3.9 Low |
| Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Cookie` headers. By design, `cookie` headers are forbidden request headers, disallowing them to be set in RequestInit.headers in browser environments. Since undici handles headers more liberally than the spec, there was a disconnect from the assumptions the spec made, and undici's implementation of fetch. As such this may lead to accidental leakage of cookie to a third-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the third party site. This was patched in version 5.26.2. There are no known workarounds. | ||||
| CVE-2019-3464 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-09-17 | 9.8 Critical |
| Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. | ||||
| CVE-2019-11047 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-09-17 | 4.8 Medium |
| When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | ||||
| CVE-2022-21797 | 3 Debian, Fedoraproject, Joblib Project | 3 Debian Linux, Fedora, Joblib | 2024-09-17 | 7.3 High |
| The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement. | ||||
| CVE-2022-41741 | 3 Debian, F5, Fedoraproject | 4 Debian Linux, Nginx, Nginx Ingress Controller and 1 more | 2024-09-17 | 7 High |
| NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. | ||||
| CVE-2019-1559 | 13 Canonical, Debian, F5 and 10 more | 91 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 88 more | 2024-09-17 | 5.9 Medium |
| If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). | ||||
| CVE-2020-12802 | 4 Fedoraproject, Libreoffice, Opensuse and 1 more | 4 Fedora, Libreoffice, Leap and 1 more | 2024-09-17 | 5.3 Medium |
| LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4. | ||||
| CVE-2020-7069 | 9 Canonical, Debian, Fedoraproject and 6 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-09-17 | 5.4 Medium |
| In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data. | ||||
| CVE-2022-38784 | 4 Debian, Fedoraproject, Freedesktop and 1 more | 4 Debian Linux, Fedora, Poppler and 1 more | 2024-09-17 | 7.8 High |
| Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | ||||
| CVE-2022-30674 | 4 Adobe, Apple, Fedoraproject and 1 more | 4 Indesign, Macos, Fedora and 1 more | 2024-09-17 | 5.5 Medium |
| Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||