Vulnerabilities > Fedoraproject > Fedora > 38

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-03	CVE-2023-5345	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705. local low complexity linux fedoraproject CWE-416	7.8
2023-10-02	CVE-2023-5344	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. network low complexity vim fedoraproject	7.5
2023-09-29	CVE-2023-43655	Injection vulnerability in multiple products Composer is a dependency manager for PHP. network low complexity getcomposer debian fedoraproject CWE-74	8.8
2023-09-28	CVE-2023-5186	Use After Free vulnerability in multiple products Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. network low complexity google debian fedoraproject CWE-416	8.8
2023-09-28	CVE-2023-5187	Use After Free vulnerability in multiple products Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject CWE-416	8.8
2023-09-28	CVE-2023-5217	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity webmproject microsoft mozilla fedoraproject debian apple google redhat CWE-787	8.8
2023-09-28	CVE-2023-42756	Race Condition vulnerability in multiple products A flaw was found in the Netfilter subsystem of the Linux kernel. local high complexity linux redhat debian fedoraproject CWE-362	4.7
2023-09-27	CVE-2023-42822	Out-of-bounds Read vulnerability in multiple products xrdp is an open source remote desktop protocol server. network low complexity neutrinolabs fedoraproject CWE-125	6.5
2023-09-27	CVE-2023-41335	Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. network high complexity matrix fedoraproject	3.7
2023-09-27	CVE-2023-42453	Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. network low complexity matrix fedoraproject	4.3