Fedoraproject Fedora vulnerabilities

CVE-2024-24479 [HIGH] CWE-120 CVE-2024-24479: A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service vi A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

CVE-2024-1674 [HIGH] CVE-2024-1674: Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2024-1669 [HIGH] CWE-787 CVE-2024-1669: Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attack Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

CVE-2024-24476 [HIGH] CWE-119 CVE-2024-24476: A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service vi A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

CVE-2024-1673 [HIGH] CWE-416 CVE-2024-1673: Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker wh Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

CVE-2024-1672 [MEDIUM] CWE-474 CVE-2024-1672: Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allo Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-42843 [MEDIUM] CWE-290 CVE-2023-42843: An inconsistent user interface issue was addressed with improved state management. This issue is fix An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing.

CVE-2024-1676 [MEDIUM] CWE-79 CVE-2024-1676: Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)

CVE-2024-21812 [CRITICAL] CWE-190 CVE-2024-21812: An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2024-23310 [CRITICAL] CWE-825 CVE-2024-23310: A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project li A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2024-23313 [CRITICAL] CWE-191 CVE-2024-23313: An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Projec An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2024-22097 [CRITICAL] CWE-415 CVE-2024-22097: A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Pro A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Master Branch (ab0ee111) and 2.5.0. A specially crafted .vdhr file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2024-23606 [CRITICAL] CWE-131 CVE-2024-23606: An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Proj An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2024-23809 [CRITICAL] CWE-415 CVE-2024-23809: A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The Bios A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .vdhr file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2024-21795 [CRITICAL] CWE-122 CVE-2024-21795: A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Pr A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .egi file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2024-23305 [CRITICAL] CWE-787 CVE-2024-23305: An out-of-bounds write vulnerability exists in the BrainVisionMarker Parsing functionality of The Bi An out-of-bounds write vulnerability exists in the BrainVisionMarker Parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .vmrk file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2024-1597 [CRITICAL] CWE-89 CVE-2024-1597: pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. N pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on th

CVE-2024-25982 [HIGH] CWE-352 CVE-2024-25982: The link to update all installed language packs did not include the necessary token to prevent a CSR The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.

CVE-2024-25978 [HIGH] CWE-400 CVE-2024-25978: Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functi Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.

CVE-2024-1580 [HIGH] CWE-190 CVE-2024-1580: An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.