Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-06-11 | CVE-2024-5844 | Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | Fedora, Chrome | 8.8 | ||
| 2024-06-11 | CVE-2024-5845 | Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | Fedora, Chrome | 8.8 | ||
| 2024-06-11 | CVE-2024-5846 | Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | Fedora, Chrome | 8.8 | ||
| 2024-06-11 | CVE-2024-5847 | Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | Fedora, Chrome | 8.8 | ||
| 2024-06-18 | CVE-2024-38276 | Incorrect CSRF token checks resulted in multiple CSRF risks. | Fedora, Moodle | 8.8 | ||
| 2024-11-14 | CVE-2023-4134 | A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of service. | Fedora, Linux_kernel | 5.5 | ||
| 2015-08-16 | CVE-2015-4491 | Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. | Ubuntu_linux, Fedora, Gdk\-Pixbuf, Opensuse, Solaris | N/A | ||
| 2015-12-16 | CVE-2015-7205 | Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet. | Fedora, Firefox, Leap, Opensuse | N/A | ||
| 2015-12-16 | CVE-2015-7201 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | Fedora, Firefox, Leap, Opensuse | N/A | ||
| 2015-12-16 | CVE-2015-7222 | Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow. | Fedora, Firefox, Leap, Opensuse | N/A |