Vulnerabilities > Fedoraproject > Fedora > 39

DATE CVE VULNERABILITY TITLE RISK
2024-01-24 CVE-2024-0813 Use After Free vulnerability in multiple products
Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-01-24 CVE-2024-0814 Origin Validation Error vulnerability in multiple products
Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject CWE-346
6.5
6.5
2024-01-19 CVE-2024-22420 Cross-site Scripting vulnerability in multiple products
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture.
network
low complexity
jupyter fedoraproject CWE-79
6.1
6.1
2024-01-19 CVE-2024-22421 Relative Path Traversal vulnerability in multiple products
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture.
network
low complexity
jupyter fedoraproject CWE-23
6.5
6.5
2024-01-18 CVE-2024-0408 A flaw was found in the X.Org server.
local
low complexity
x-org tigervnc redhat fedoraproject
5.5
5.5
2024-01-18 CVE-2024-0409 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the X.Org server.
local
low complexity
x-org tigervnc redhat fedoraproject CWE-787
7.8
7.8
2024-01-18 CVE-2024-0607 A flaw was found in the Netfilter subsystem in the Linux kernel.
local
low complexity
linux fedoraproject redhat
6.6
6.6
2024-01-18 CVE-2023-6816 Out-of-bounds Write vulnerability in multiple products
A flaw was found in X.Org server.
network
low complexity
x-org fedoraproject redhat debian CWE-787
critical
 9.8
9.8
2024-01-16 CVE-2024-0517 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2024-01-16 CVE-2024-0518 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8