Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 40 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2408
The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/p...
Php Php
Fedoraproject Fedora 40
NA
CVE-2024-5585
In PHP versions 8.1.* prior to 8.1.29, 8.2.* prior to 8.2.20, 8.3.* prior to 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() command with array syntax, due to insufficient escaping, if the argumen...
Php Php
Fedoraproject Fedora 40
NA
CVE-2024-5458
In PHP versions 8.1.* prior to 8.1.29, 8.2.* prior to 8.2.20, 8.3.* prior to 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (usernam...
Php Php
Fedoraproject Fedora 40
NA
CVE-2024-4058
Type confusion in ANGLE in Google Chrome before 124.0.6367.78 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Google Chrome
Fedoraproject Fedora 40
NA
CVE-2024-27012
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort path, nft_mapelem_activate() needs to restore refcounters to the original state. Currently, it uses the set->ops->walk() to iterat...
Linux Linux Kernel 6.9
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
NA
CVE-2024-27014
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end i...
Linux Linux Kernel 6.9
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
NA
CVE-2024-27018
In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This patc...
Linux Linux Kernel 6.9
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
NA
CVE-2024-26986
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in create_process failure Fix memory leak due to a leaked mmget reference on an error handling code path that is triggered when attempting to create KFD processes while a GPU reset is ...
Linux Linux Kernel 6.9
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
NA
CVE-2024-26987
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled When I did hard offline test with hugetlb pages, below deadlock occurs: ====================================================== WARNING: pos...
Linux Linux Kernel 6.9
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
NA
CVE-2024-27013
In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. When ...
Linux Linux Kernel 6.9
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »