Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-16	CVE-2024-0232	Use After Free vulnerability in multiple products A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. local low complexity sqlite redhat fedoraproject CWE-416	5.5
2023-12-24	CVE-2023-51766	Insufficient Verification of Data Authenticity vulnerability in multiple products Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. network low complexity exim fedoraproject debian CWE-345	5.3
2023-12-21	CVE-2023-4255	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. local low complexity tats fedoraproject CWE-787	5.5
2023-12-21	CVE-2023-4256	Double Free vulnerability in multiple products Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. local low complexity broadcom fedoraproject CWE-415	5.5
2023-11-19	CVE-2023-5341	Use After Free vulnerability in multiple products A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. local low complexity imagemagick fedoraproject CWE-416	5.5
2023-11-09	CVE-2023-5542	Exposure of Resource to Wrong Sphere vulnerability in multiple products Students in "Only see own membership" groups could see other students in the group, which should be hidden. network low complexity moodle fedoraproject CWE-668	4.3
2023-11-09	CVE-2023-5545	Exposure of Resource to Wrong Sphere vulnerability in multiple products H5P metadata automatically populated the author with the user's username, which could be sensitive information. network low complexity moodle fedoraproject CWE-668	5.3
2023-11-09	CVE-2023-5548	Insufficient Verification of Data Authenticity vulnerability in multiple products Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection. network low complexity moodle fedoraproject CWE-345	5.3
2023-11-09	CVE-2023-5549	Improper Privilege Management vulnerability in multiple products Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage. network low complexity moodle fedoraproject CWE-269	5.3
2023-10-04	CVE-2023-3428	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. local low complexity imagemagick fedoraproject CWE-787	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.