Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2023-09-15 CVE-2023-38039 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit on how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.
network
low complexity
haxx fedoraproject CWE-770
7.5
2023-09-13 CVE-2023-3255 Infinite Loop vulnerability in multiple products
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages.
network
low complexity
qemu redhat fedoraproject CWE-835
6.5
2023-09-13 CVE-2023-4155 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel.
local
high complexity
linux redhat fedoraproject CWE-367
5.6
2023-09-12 CVE-2023-4813 Use After Free vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject CWE-416
5.9
2023-09-12 CVE-2023-4863 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page.
8.8
2023-09-11 CVE-2023-4881 Out-of-bounds Write vulnerability in multiple products
A stack-based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-787
7.1
2023-09-04 CVE-2023-4733 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
local
low complexity
vim fedoraproject CWE-416
7.8
2023-09-04 CVE-2023-4750 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
local
low complexity
vim fedoraproject CWE-416
7.8
2023-09-04 CVE-2023-4752 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 9.0.1858.
local
low complexity
vim fedoraproject CWE-416
7.8
2023-09-01 CVE-2023-36328 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9 allows attackers to execute arbitrary code and cause a denial of service (DoS).
network
low complexity
libtom fedoraproject CWE-190
critical
9.8