Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2023-03-07 CVE-2023-1264 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
local
low complexity
vim fedoraproject CWE-476
5.5
2023-03-06 CVE-2021-20251 Race Condition vulnerability in multiple products
A flaw was found in samba.
network
high complexity
samba fedoraproject CWE-362
5.9
2023-03-06 CVE-2022-4904 Improper Input Validation vulnerability in multiple products
A flaw was found in the c-ares package.
network
low complexity
c-ares-project redhat fedoraproject CWE-20
8.6
2023-03-03 CVE-2022-41862 In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption.
network
high complexity
postgresql fedoraproject redhat
3.7
2023-03-01 CVE-2023-1127 Divide By Zero vulnerability in multiple products
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.
local
low complexity
vim fedoraproject CWE-369
7.8
2023-02-28 CVE-2023-27320 Double Free vulnerability in multiple products
Sudo before 1.9.13p2 has a double free in the per-command chroot feature.
network
low complexity
sudo-project fedoraproject CWE-415
7.2
2023-02-27 CVE-2023-1055 Improper Certificate Validation vulnerability in multiple products
A flaw was found in RHDS 11 and RHDS 12.
local
low complexity
redhat fedoraproject CWE-295
5.5
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian CWE-770
7.5
2023-02-20 CVE-2023-26081 Exposure of Resource to Wrong Sphere vulnerability in multiple products
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
network
low complexity
gnome fedoraproject CWE-668
7.5
2023-02-04 CVE-2023-25193 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
network
low complexity
harfbuzz-project fedoraproject CWE-770
7.5