Vulnerabilities for 'Fedora'

2023-12-07
 
CVE-2023-46218

CWE-noinfo
 

 
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed-case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example, a cookie could be set with `domain=co.UK` when the URL used a lowercase hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.

 
2023-12-08
 
CVE-2023-45866

CWE-287
 

 
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.

 
2023-12-11
 
CVE-2023-6185

CWE-noinfo
 

 
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions, the filename of the embedded video is not sufficiently escaped when passed to GStreamer, enabling an attacker to run arbitrary GStreamer plugins depending on what plugins are installed on the target system.

 
 
CVE-2023-6186

CWE-281
 

 
Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.

 
 
CVE-2023-6679

CWE-476
 

 
A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.

 
2022-06-09
 
CVE-2022-1998

CWE-416
 

 
A use-after-free flaw was found in the Linux kernel's File System notify functionality, in the way a user triggers the copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

 
2022-06-07
 
CVE-2022-1708

CWE-400
 

 
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.

 
2022-05-31
 
CVE-2022-1942

CWE-787
 

 
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

 
2022-05-27
 
CVE-2022-1898

CWE-416
 

 
Use After Free in GitHub repository vim/vim prior to 8.2.

 
2022-05-18
 
CVE-2022-30597

NVD-CWE-Other
 

 
A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.

 


Copyright 2024, cxsecurity.com

 
