Vulnerabilities > Fedoraproject > Fedora > 38

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2023-52429 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
local
low complexity
linux fedoraproject CWE-754
5.5
2024-02-07 CVE-2024-20290 Out-of-bounds Read vulnerability in multiple products
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read.
network
low complexity
cisco fedoraproject CWE-125
7.5
2024-02-07 CVE-2024-1283 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
critical
9.8
2024-02-07 CVE-2024-1284 Use After Free vulnerability in multiple products
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
9.8
2024-02-06 CVE-2024-0690 Improper Encoding or Escaping of Output vulnerability in multiple products
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios.
local
low complexity
redhat fedoraproject CWE-116
5.5
2024-01-31 CVE-2023-6246 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.
local
low complexity
gnu fedoraproject CWE-787
7.8
2024-01-31 CVE-2023-6779 Out-of-bounds Write vulnerability in multiple products
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject CWE-787
7.5
2024-01-31 CVE-2023-6780 Incorrect Calculation of Buffer Size vulnerability in multiple products
An integer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject CWE-131
5.3
2024-01-30 CVE-2024-1059 Use After Free vulnerability in multiple products
Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
2024-01-30 CVE-2024-1060 Use After Free vulnerability in multiple products
Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8