Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2023-10-06 CVE-2023-45239 A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server.
network
low complexity
facebook fedoraproject
critical
 9.8
9.8
2023-10-06 CVE-2023-39928 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5.
network
low complexity
webkitgtk debian fedoraproject CWE-416
8.8
8.8
2023-10-05 CVE-2023-39323 Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation.
network
high complexity
golang fedoraproject
8.1
8.1
2023-10-05 CVE-2023-5441 NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
local
low complexity
vim fedoraproject
5.5
5.5
2023-10-05 CVE-2023-40745 Integer Overflow or Wraparound vulnerability in multiple products
LibTIFF is vulnerable to an integer overflow.
network
low complexity
libtiff fedoraproject redhat netapp CWE-190
6.5
6.5
2023-10-05 CVE-2023-41175 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c.
network
low complexity
libtiff fedoraproject redhat CWE-190
6.5
6.5
2023-10-05 CVE-2023-42754 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack.
local
low complexity
linux redhat fedoraproject CWE-476
5.5
5.5
2023-10-05 CVE-2023-5346 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2023-10-04 CVE-2023-39191 An improper input validation flaw was found in the eBPF subsystem in the Linux kernel.
local
low complexity
linux fedoraproject redhat
8.2
8.2
2023-10-04 CVE-2023-3428 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5