Fedoraproject Security Vulnerabilities
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
5.5CVSS
5.8AI Score
0.001EPSS
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
5.5CVSS
5.8AI Score
0.001EPSS
UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.
5.5CVSS
5.8AI Score
0.001EPSS
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
5.5CVSS
5.2AI Score
0.001EPSS
An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
5.5CVSS
5.2AI Score
0.001EPSS
An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
5.5CVSS
5.1AI Score
0.001EPSS
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
5.5CVSS
5.2AI Score
0.001EPSS
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
5.5CVSS
5.2AI Score
0.001EPSS
MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.
5.5CVSS
6.3AI Score
0.001EPSS
MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE).
5.5CVSS
6.3AI Score
0.001EPSS
MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.
5.5CVSS
6.3AI Score
0.001EPSS
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.
5.5CVSS
6.3AI Score
0.001EPSS
MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.
5.5CVSS
6.3AI Score
0.001EPSS
MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash.
5.5CVSS
5.6AI Score
0.001EPSS
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.
5.5CVSS
6.4AI Score
0.001EPSS
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
7.5CVSS
7.2AI Score
0.005EPSS
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.
7.8CVSS
7.6AI Score
0.001EPSS
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
7.8CVSS
7.8AI Score
0.001EPSS
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
9.1CVSS
9.3AI Score
0.004EPSS
Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8CVSS
8.8AI Score
0.007EPSS
Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.
9.6CVSS
8.7AI Score
0.002EPSS
Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.
8.8CVSS
9.2AI Score
0.003EPSS
Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.
8.8CVSS
9.1AI Score
0.006EPSS
Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8CVSS
8.9AI Score
0.009EPSS
Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.
8.8CVSS
9AI Score
0.013EPSS
Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8CVSS
8.6AI Score
0.009EPSS
Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8CVSS
9AI Score
0.008EPSS
Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8CVSS
8.9AI Score
0.007EPSS
Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8CVSS
9AI Score
0.007EPSS
Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.
8.8CVSS
9AI Score
0.007EPSS
Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
8.8CVSS
9.1AI Score
0.003EPSS
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5CVSS
6.3AI Score
0.007EPSS
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.
6.5CVSS
6.3AI Score
0.004EPSS
Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
4.3CVSS
5AI Score
0.006EPSS
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page.
6.5CVSS
6.5AI Score
0.006EPSS
Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL.
4.3CVSS
5.3AI Score
0.004EPSS
Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5CVSS
6.4AI Score
0.005EPSS
Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver.
8.1CVSS
7.9AI Score
0.005EPSS
Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
8.8CVSS
8.3AI Score
0.007EPSS
Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
4.3CVSS
4.8AI Score
0.005EPSS
Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5CVSS
6.4AI Score
0.004EPSS
Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page.
4.3CVSS
5AI Score
0.004EPSS
Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website.
6.5CVSS
6.7AI Score
0.004EPSS
5.5CVSS
5.5AI Score
0.001EPSS
phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
5.4CVSS
5.3AI Score
0.001EPSS
3.3CVSS
3.6AI Score
0.001EPSS
5.5CVSS
5.2AI Score
0.001EPSS
8.8CVSS
8.6AI Score
0.002EPSS
8.8CVSS
8.6AI Score
0.002EPSS
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
8.8CVSS
8.1AI Score
0.001EPSS