Vulnerabilities > Fedoraproject > Fedora > 36

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-29007 Git is a revision control system.
local
low complexity
git-scm fedoraproject
7.8
7.8
2023-04-25 CVE-2023-2269 Improper Locking vulnerability in multiple products
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
local
low complexity
linux fedoraproject debian netapp CWE-667
4.4
4.4
2023-04-19 CVE-2023-2133 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-19 CVE-2023-2134 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-19 CVE-2023-2135 Use After Free vulnerability in multiple products
Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page.
network
high complexity
google debian fedoraproject CWE-416
7.5
7.5
2023-04-19 CVE-2023-2136 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
 9.6
9.6
2023-04-19 CVE-2023-2137 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-18 CVE-2023-28856 Reachable Assertion vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
network
low complexity
redis debian fedoraproject CWE-617
6.5
6.5
2023-04-15 CVE-2021-43612 Out-of-bounds Write vulnerability in multiple products
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
network
low complexity
lldpd-project fedoraproject CWE-787
7.5
7.5
2023-04-14 CVE-2023-2033 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject couchbase CWE-843
8.8
8.8