Filtered by vendor Fedoraproject Subscriptions
Filtered by product Fedora Subscriptions
Total 5125 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-25815 3 Fedoraproject, Git For Windows Project, Redhat 7 Fedora, Git For Windows, Enterprise Linux and 4 more 2024-11-21 3.3 Low
In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1. This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It does require local write access by the attacker, though, which makes this attack vector less likely. Version 2.40.1 contains a patch for this issue. Some workarounds are available. Do not work on a Windows machine with shared accounts, or alternatively create a `C:\mingw64` folder and leave it empty. Users who have administrative rights may remove the permission to create folders in `C:\`.
CVE-2023-25358 3 Fedoraproject, Redhat, Webkitgtk 3 Fedora, Enterprise Linux, Webkitgtk 2024-11-21 8.8 High
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
CVE-2023-25193 3 Fedoraproject, Harfbuzz Project, Redhat 8 Fedora, Harfbuzz, Enterprise Linux and 5 more 2024-11-21 7.5 High
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
CVE-2023-25136 4 Fedoraproject, Netapp, Openbsd and 1 more 10 Fedora, 500f, 500f Firmware and 7 more 2024-11-21 6.5 Medium
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."
CVE-2023-24805 4 Debian, Fedoraproject, Linuxfoundation and 1 more 8 Debian Linux, Fedora, Cups-filters and 5 more 2024-11-21 8.8 High
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime.
CVE-2023-24329 4 Fedoraproject, Netapp, Python and 1 more 14 Fedora, Active Iq Unified Manager, Management Services For Element Software and 11 more 2024-11-21 7.5 High
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
CVE-2023-23916 6 Debian, Fedoraproject, Haxx and 3 more 19 Debian Linux, Fedora, Curl and 16 more 2024-11-21 6.5 Medium
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.
CVE-2023-23908 3 Debian, Fedoraproject, Intel 275 Debian Linux, Fedora, Microcode and 272 more 2024-11-21 6 Medium
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2023-23589 3 Debian, Fedoraproject, Torproject 3 Debian Linux, Fedora, Tor 2024-11-21 6.5 Medium
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.
CVE-2023-23457 2 Fedoraproject, Upx Project 2 Fedora, Upx 2024-11-21 5.3 Medium
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
CVE-2023-23456 2 Fedoraproject, Upx Project 2 Fedora, Upx 2024-11-21 5.3 Medium
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.
CVE-2023-22970 2 Fedoraproject, Usebottles 2 Fedora, Bottles 2024-11-21 7.8 High
Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file.
CVE-2023-22945 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 4.3 Medium
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
CVE-2023-22911 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 6.1 Medium
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. E-Widgets does widget replacement in HTML attributes, which can lead to XSS, because widget authors often do not expect that their widget is executed in an HTML attribute context.
CVE-2023-22909 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2024-11-21 5.3 Medium
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. SpecialMobileHistory allows remote attackers to cause a denial of service because database queries are slow.
CVE-2023-22840 2 Fedoraproject, Intel 2 Fedora, Onevpl Gpu Runtime 2024-11-21 3.3 Low
Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-22809 5 Apple, Debian, Fedoraproject and 2 more 11 Macos, Debian Linux, Fedora and 8 more 2024-11-21 7.8 High
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
CVE-2023-22338 2 Fedoraproject, Intel 2 Fedora, Onevpl Gpu Runtime 2024-11-21 4.4 Medium
Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-22298 2 Fedoraproject, Pgadmin 2 Fedora, Pgadmin 2024-11-21 6.1 Medium
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
CVE-2023-22084 4 Fedoraproject, Netapp, Oracle and 1 more 5 Fedora, Oncommand Insight, Mysql and 2 more 2024-11-21 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).