Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-14 CVE-2023-38252 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c.
local
low complexity
tats redhat fedoraproject CWE-125
5.5
5.5
2023-07-14 CVE-2023-38253 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c.
local
low complexity
tats redhat fedoraproject CWE-125
5.5
5.5
2023-07-10 CVE-2023-26590 Incorrect Comparison vulnerability in multiple products
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58.
local
low complexity
sox-project redhat fedoraproject CWE-697
5.5
5.5
2023-07-10 CVE-2023-32627 Incorrect Comparison vulnerability in multiple products
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18.
local
low complexity
sox-project redhat fedoraproject CWE-697
5.5
5.5
2023-06-16 CVE-2023-34474 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5
2023-06-16 CVE-2023-34475 Use After Free vulnerability in multiple products
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c.
local
low complexity
imagemagick fedoraproject CWE-416
5.5
5.5
2023-06-16 CVE-2023-3195 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5
2023-05-30 CVE-2023-34151 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick. 		5.5
5.5
2023-05-02 CVE-2023-30943 Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products
The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders.
network
low complexity
moodle fedoraproject CWE-610
5.3
5.3
2023-04-12 CVE-2023-1906 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5