Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-21	CVE-2023-41993	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The issue was addressed with improved checks. network low complexity apple fedoraproject debian oracle netapp webkitgtk CWE-754	8.8
2023-09-21	CVE-2023-43669	The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake. network low complexity snapview fedoraproject	7.5
2023-09-18	CVE-2023-4527	Out-of-bounds Read vulnerability in multiple products A flaw was found in glibc. network high complexity gnu redhat fedoraproject netapp CWE-125	6.5
2023-09-18	CVE-2023-4806	Use After Free vulnerability in multiple products A flaw was found in glibc. network high complexity gnu redhat fedoraproject CWE-416	5.9
2023-09-18	CVE-2023-43115	In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. network low complexity artifex fedoraproject	8.8
2023-09-15	CVE-2023-38039	Allocation of Resources Without Limits or Throttling vulnerability in multiple products When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. network low complexity haxx fedoraproject microsoft CWE-770	7.5
2023-09-13	CVE-2023-3255	Infinite Loop vulnerability in multiple products A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. network low complexity qemu redhat fedoraproject CWE-835	6.5
2023-09-13	CVE-2023-4155	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. local high complexity linux redhat fedoraproject CWE-367	5.6
2023-09-12	CVE-2023-4813	Use After Free vulnerability in multiple products A flaw was found in glibc. network high complexity gnu redhat fedoraproject netapp CWE-416	5.9
2023-09-12	CVE-2023-4900	Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. network low complexity google fedoraproject debian	4.3