Filtered by vendor Fedoraproject
Subscribe
Search
Total
3698 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29500 | 3 Debian, Fedoraproject, Schedmd | 3 Debian Linux, Fedora, Slurm | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. | |||||
| CVE-2022-0582 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-27940 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | |||||
| CVE-2022-2158 | 2 Fedoraproject, Google | 3 Extra Packages For Enterprise Linux, Fedora, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-4068 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-08-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-26813 | 2 Fedoraproject, Markdown2 Project | 2 Fedora, Markdown2 | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time. | |||||
| CVE-2021-30589 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-08-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link. | |||||
| CVE-2022-23033 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if the entry doesn't have the valid bit set. It is possible to have a valid pagetable entry without the valid bit set when a guest operating system uses set/way cache maintenance instructions. For instance, a guest issuing a set/way cache maintenance instruction, then calling the XENMEM_decrease_reservation hypercall to give back memory pages to Xen, might be able to retain access to those pages even after Xen started reusing them for other purposes. | |||||
| CVE-2022-2857 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2623 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2621 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-0996 | 2 Fedoraproject, Redhat | 3 Fedora, 389 Directory Server, Enterprise Linux | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. | |||||
| CVE-2022-3045 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-25765 | 2 Fedoraproject, Pdfkit Project | 2 Fedora, Pdfkit | 2023-08-08 | N/A | 9.8 CRITICAL |
| The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. | |||||
| CVE-2021-29424 | 2 Fedoraproject, Net\ | 2 Fedora, \ | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses. | |||||
| CVE-2022-2617 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2607 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-3040 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-46848 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Libtasn1 | 2023-08-08 | N/A | 9.1 CRITICAL |
| GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. | |||||
| CVE-2022-3042 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-46829 | 3 Debian, Fedoraproject, Gnome | 3 Debian Linux, Fedora, Gdk-pixbuf | 2023-08-08 | N/A | 7.8 HIGH |
| GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems. | |||||
| CVE-2022-45061 | 3 Fedoraproject, Netapp, Python | 10 Fedora, Active Iq Unified Manager, Bootstrap Os and 7 more | 2023-08-08 | N/A | 7.5 HIGH |
| An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16. | |||||
| CVE-2021-33621 | 2 Fedoraproject, Ruby-lang | 3 Fedora, Cgi, Ruby | 2023-08-08 | N/A | 8.8 HIGH |
| The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. | |||||
| CVE-2022-2608 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2165 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-08-08 | N/A | 4.3 MEDIUM |
| Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |||||
| CVE-2021-44847 | 2 Fedoraproject, Toktok | 2 Fedora, Toxcore | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet. | |||||
| CVE-2022-24675 | 3 Fedoraproject, Golang, Netapp | 3 Fedora, Go, Kubernetes Monitoring Operator | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. | |||||
| CVE-2021-35368 | 3 Debian, Fedoraproject, Owasp | 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname. | |||||
| CVE-2022-3602 | 4 Fedoraproject, Netapp, Nodejs and 1 more | 4 Fedora, Clustered Data Ontap, Node.js and 1 more | 2023-08-08 | N/A | 7.5 HIGH |
| A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6). | |||||
| CVE-2022-28796 | 4 Fedoraproject, Linux, Netapp and 1 more | 24 Fedora, Linux Kernel, Active Iq Unified Manager and 21 more | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. | |||||
| CVE-2022-24065 | 2 Cookiecutter Project, Fedoraproject | 2 Cookiecutter, Fedora | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection. | |||||
| CVE-2021-21177 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-08-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
| CVE-2022-2620 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-38791 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2023-08-08 | N/A | 5.5 MEDIUM |
| In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock. | |||||
| CVE-2022-0907 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2. | |||||
| CVE-2022-2609 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2023-08-08 | N/A | 8.8 HIGH |
| Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-42324 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2023-08-08 | N/A | 5.5 MEDIUM |
| Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusion in the remainder. This in turn can feed a negative value into logic not expecting a negative value, resulting in unexpected exceptions being thrown. The unexpected exception is not handled suitably, creating a busy-loop trying (and failing) to take the bad packet out of the xenstore ring. | |||||
| CVE-2023-33460 | 3 Debian, Fedoraproject, Yajl Project | 3 Debian Linux, Fedora, Yajl | 2023-08-05 | N/A | 6.5 MEDIUM |
| There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash. | |||||
| CVE-2018-25032 | 10 Apple, Azul, Debian and 7 more | 37 Mac Os X, Macos, Zulu and 34 more | 2023-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | |||||
| CVE-2022-1973 | 3 Fedoraproject, Linux, Netapp | 12 Fedora, Linux Kernel, H300s and 9 more | 2023-08-04 | N/A | 7.1 HIGH |
| A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. | |||||
| CVE-2021-3450 | 10 Fedoraproject, Freebsd, Mcafee and 7 more | 35 Fedora, Freebsd, Web Gateway and 32 more | 2023-08-04 | 5.8 MEDIUM | 7.4 HIGH |
| The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j). | |||||
| CVE-2023-1055 | 2 Fedoraproject, Redhat | 2 Fedora, Directory Server | 2023-08-02 | N/A | 5.5 MEDIUM |
| A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality. | |||||
| CVE-2023-2156 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2023-08-02 | N/A | 7.5 HIGH |
| A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. | |||||
| CVE-2023-1611 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2023-08-02 | N/A | 6.3 MEDIUM |
| A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea | |||||
| CVE-2023-1393 | 2 Fedoraproject, X.org | 2 Fedora, Xorg-server | 2023-08-02 | N/A | 7.8 HIGH |
| A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. | |||||
| CVE-2023-28321 | 4 Apple, Fedoraproject, Haxx and 1 more | 13 Macos, Fedora, Curl and 10 more | 2023-08-02 | N/A | 5.9 MEDIUM |
| An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. | |||||
| CVE-2023-32732 | 2 Fedoraproject, Grpc | 2 Fedora, Grpc | 2023-08-02 | N/A | 5.3 MEDIUM |
| gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit inĀ https://github.com/grpc/grpc/pull/32309 https://www.google.com/url | |||||
| CVE-2023-36664 | 3 Artifex, Debian, Fedoraproject | 3 Ghostscript, Debian Linux, Fedora | 2023-08-02 | N/A | 7.8 HIGH |
| Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). | |||||
| CVE-2021-31957 | 2 Fedoraproject, Microsoft | 4 Fedora, .net, .net Core and 1 more | 2023-08-01 | 5.0 MEDIUM | 5.9 MEDIUM |
| ASP.NET Denial of Service Vulnerability | |||||
| CVE-2008-1145 | 2 Fedoraproject, Ruby-lang | 3 Fedora, Ruby, Webrick | 2023-08-01 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1) "..%5c" (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. | |||||