Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-08 | CVE-2024-23280 | Injection vulnerability in multiple products An injection issue was addressed with improved validation. | 6.5 |
| 2024-03-08 | CVE-2024-23284 | A logic issue was addressed with improved state management. | 6.5 |
| 2024-03-07 | CVE-2024-1931 | Infinite Loop vulnerability in multiple products NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. | 7.5 |
| 2024-03-06 | CVE-2024-25111 | Uncontrolled Recursion vulnerability in multiple products Squid is a web proxy cache. | 7.5 |
| 2024-03-06 | CVE-2024-2173 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | 8.8 |
| 2024-03-06 | CVE-2024-2174 | Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-03-06 | CVE-2024-2176 | Use After Free vulnerability in multiple products Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-03-03 | CVE-2024-28084 | Improper Initialization vulnerability in multiple products p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails. | 7.5 |
| 2024-02-29 | CVE-2024-24246 | Out-of-bounds Write vulnerability in multiple products Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h. | 5.5 |
| 2024-02-29 | CVE-2024-1938 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 8.8 |