Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
fedoraproject

fedora

16 Versions 60 CVEs

Versions

36

SINGLE_NUMBER 3 CVEs

40

SINGLE_NUMBER 36 CVEs

4.3.3

SEMANTIC 1 CVE

34

SINGLE_NUMBER 2 CVEs

39

SINGLE_NUMBER 30 CVEs

35

SINGLE_NUMBER 3 CVEs

4.1.9

SEMANTIC 1 CVE

4.2

MAJOR_MINOR 1 CVE

37

SINGLE_NUMBER 11 CVEs

30

SINGLE_NUMBER 1 CVE

33

SINGLE_NUMBER 2 CVEs

38

SINGLE_NUMBER 17 CVEs

4.0

MAJOR_MINOR 1 CVE

4.1

MAJOR_MINOR 1 CVE

29

SINGLE_NUMBER 1 CVE

4.2.6

SEMANTIC 1 CVE

Recent CVEs

CVE-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.

MEDIUM May 29, 2024

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

CRITICAL May 09, 2024

CVE-2024-25111

Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunked, encoded HTTP Message. This bug is fixed in Squid version 6.8. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. There is no workaround for this issue.

HIGH Mar 06, 2024

CVE-2024-24246

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.

UNKNOWN Feb 29, 2024

CVE-2024-24479

A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

UNKNOWN Feb 21, 2024

CVE-2023-7101

Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.

HIGH Dec 24, 2023

CVE-2023-37536

An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.

HIGH Oct 11, 2023

CVE-2023-41993

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

HIGH Sep 21, 2023

CVE-2023-4762

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

HIGH Sep 05, 2023

CVE-2022-48257

In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.

MEDIUM Jan 13, 2023