Vulnerabilities > Fedoraproject > Fedora > 37

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-05	CVE-2023-5441	NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. local low complexity vim fedoraproject	5.5
2023-10-05	CVE-2023-42754	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. local low complexity linux redhat fedoraproject CWE-476	5.5
2023-10-05	CVE-2023-5346	Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-843	8.8
2023-10-04	CVE-2023-43804	urllib3 is a user-friendly HTTP client library for Python. network low complexity python debian fedoraproject	8.1
2023-10-03	CVE-2023-4911	Out-of-bounds Write vulnerability in multiple products A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. local low complexity gnu fedoraproject redhat debian canonical netapp CWE-787	7.8
2023-10-03	CVE-2023-5345	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705. local low complexity linux fedoraproject CWE-416	7.8
2023-10-02	CVE-2023-5344	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. network low complexity vim fedoraproject	7.5
2023-09-30	CVE-2023-44488	Improper Handling of Exceptional Conditions vulnerability in multiple products VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. network low complexity webmproject redhat debian fedoraproject CWE-755	7.5
2023-09-29	CVE-2023-43655	Injection vulnerability in multiple products Composer is a dependency manager for PHP. network low complexity getcomposer debian fedoraproject CWE-74	8.8
2023-09-28	CVE-2023-5186	Use After Free vulnerability in multiple products Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. network low complexity google debian fedoraproject CWE-416	8.8