Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-16	CVE-2024-0567	Improper Verification of Cryptographic Signature vulnerability in multiple products A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. network low complexity gnu fedoraproject netapp debian CWE-347	7.5
2024-01-16	CVE-2024-0553	Information Exposure Through Discrepancy vulnerability in multiple products A vulnerability was found in GnuTLS. network low complexity gnu fedoraproject redhat CWE-203	7.5
2024-01-15	CVE-2023-4001	Authentication Bypass by Spoofing vulnerability in multiple products An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. low complexity gnu redhat fedoraproject CWE-290	6.8
2024-01-12	CVE-2024-23301	Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. local low complexity relax-and-recover suse redhat fedoraproject	5.5
2024-01-12	CVE-2024-0443	Exposure of Resource to Wrong Sphere vulnerability in multiple products A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. local low complexity linux redhat fedoraproject CWE-668	5.5
2024-01-10	CVE-2024-0333	Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. network high complexity google fedoraproject	5.3
2024-01-10	CVE-2023-41056	Redis is an in-memory database that persists on disk. network high complexity redis fedoraproject	8.1
2024-01-10	CVE-2023-5455	Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. network low complexity freeipa fedoraproject redhat CWE-352	6.5
2024-01-08	CVE-2021-3600	Out-of-bounds Write vulnerability in multiple products It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. local low complexity linux canonical fedoraproject redhat CWE-787	7.8
2024-01-04	CVE-2023-6270	Use After Free vulnerability in multiple products A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. local high complexity linux fedoraproject CWE-416	7.0