Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux > 8.0

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-30	CVE-2023-34153	Command Injection vulnerability in multiple products A vulnerability was found in ImageMagick. local low complexity imagemagick fedoraproject redhat CWE-77	7.8
2023-04-12	CVE-2023-1906	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. local low complexity imagemagick fedoraproject CWE-787	5.5
2023-03-23	CVE-2023-0056	Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. network low complexity haproxy redhat fedoraproject CWE-400	6.5
2023-03-23	CVE-2023-1289	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. local low complexity imagemagick fedoraproject redhat CWE-20	5.5
2022-12-09	CVE-2022-4170	The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. network low complexity rxvt-unicode-project fedoraproject critical	9.8
2022-11-29	CVE-2022-4144	An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. local low complexity qemu fedoraproject redhat	6.5
2022-09-30	CVE-2022-40313	Cross-site Scripting vulnerability in multiple products Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load. network low complexity moodle fedoraproject CWE-79	7.1
2022-09-30	CVE-2022-40315	SQL Injection vulnerability in multiple products A limited SQL injection risk was identified in the "browse list of users" site administration page. network low complexity moodle fedoraproject CWE-89 critical	9.8
2022-09-30	CVE-2022-40316	Missing Authorization vulnerability in multiple products The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. network low complexity moodle fedoraproject CWE-862	4.3
2022-09-19	CVE-2022-3213	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow issue was found in ImageMagick. local low complexity imagemagick fedoraproject CWE-787	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.