Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-03	CVE-2023-4133	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. local low complexity linux redhat fedoraproject CWE-416	5.5
2023-08-03	CVE-2023-4073	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject CWE-119	8.8
2023-08-02	CVE-2023-29407	Excessive Iteration vulnerability in multiple products A maliciously-crafted image can cause excessive CPU consumption in decoding. network low complexity golang fedoraproject CWE-834	6.5
2023-08-02	CVE-2023-29408	Allocation of Resources Without Limits or Throttling vulnerability in multiple products The TIFF decoder does not place a limit on the size of compressed tile data. network low complexity golang fedoraproject CWE-770	6.5
2023-08-02	CVE-2023-4016	Out-of-bounds Write vulnerability in multiple products Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. local low complexity procps-project fedoraproject CWE-787	3.3
2023-08-01	CVE-2023-38559	Classic Buffer Overflow vulnerability in multiple products A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. local low complexity artifex redhat fedoraproject debian CWE-120	5.5
2023-07-31	CVE-2023-4004	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. local low complexity linux fedoraproject redhat netapp debian CWE-416	7.8
2023-07-29	CVE-2022-4907	Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. network low complexity google fedoraproject debian	8.8
2023-07-29	CVE-2022-4917	Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page. network low complexity google fedoraproject	4.3
2023-07-29	CVE-2022-4926	Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. network low complexity google fedoraproject	6.5