Vulnerabilities > Fedoraproject > Fedora > 38

DATE CVE VULNERABILITY TITLE RISK
2024-04-22 CVE-2024-32040 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol.
network
low complexity
freerdp fedoraproject CWE-191
critical
 9.8
9.8
2024-04-22 CVE-2024-32041 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol.
network
low complexity
freerdp fedoraproject CWE-125
critical
 9.8
9.8
2024-04-22 CVE-2024-32458 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol.
network
low complexity
freerdp fedoraproject CWE-125
critical
 9.8
9.8
2024-04-17 CVE-2024-3914 Use After Free vulnerability in multiple products
Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
6.5
6.5
2024-04-17 CVE-2024-3832 Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google fedoraproject
8.8
8.8
2024-04-17 CVE-2024-3833 Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google fedoraproject
8.8
8.8
2024-04-17 CVE-2024-3840 Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject
7.5
7.5
2024-04-17 CVE-2024-3841 Cross-site Scripting vulnerability in multiple products
Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file.
network
low complexity
google fedoraproject CWE-79
6.1
6.1
2024-04-17 CVE-2024-3843 Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
4.3
2024-04-17 CVE-2024-3844 Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension.
network
low complexity
google fedoraproject
4.3
4.3