Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-28	CVE-2024-27285	Cross-site Scripting vulnerability in multiple products YARD is a Ruby Documentation tool. network low complexity yardoc fedoraproject debian CWE-79	6.1
2024-02-22	CVE-2023-52160	Improper Authentication vulnerability in multiple products The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. network low complexity debian redhat fedoraproject w1-fi CWE-287	6.5
2024-02-20	CVE-2024-1547	Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). network low complexity mozilla debian	6.5
2024-02-20	CVE-2024-1550	Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. network low complexity mozilla debian CWE-1021	6.1
2024-02-11	CVE-2024-1151	Out-of-bounds Write vulnerability in multiple products A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. local low complexity debian redhat fedoraproject linux CWE-787	5.5
2024-01-23	CVE-2024-0741	Out-of-bounds Write vulnerability in multiple products An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. network low complexity mozilla debian CWE-787	6.5
2024-01-23	CVE-2024-0742	It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. network low complexity mozilla debian	4.3
2024-01-23	CVE-2024-0746	A Linux user opening the print preview dialog could have caused the browser to crash. network low complexity mozilla debian	6.5
2024-01-23	CVE-2024-0747	When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. network low complexity mozilla debian	6.5
2024-01-23	CVE-2024-0749	Origin Validation Error vulnerability in multiple products A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. network low complexity mozilla debian CWE-346	4.3