Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2024-05-01 CVE-2024-27021 Improper Locking vulnerability in multiple products
In the Linux kernel, the following vulnerability has been resolved: r8169: fix LED-related deadlock on module removal Binding devm_led_classdev_register() to the netdev is problematic because on module removal we get a RTNL-related deadlock.
local
low complexity
linux fedoraproject CWE-667
7.8
2024-04-15 CVE-2024-31497 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures.
5.9
2024-04-04 CVE-2024-27316 HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response.
network
low complexity
apache fedoraproject netapp
7.5
2024-03-20 CVE-2024-2625 Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google fedoraproject
8.8
2024-03-20 CVE-2024-2626 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
6.5
2024-03-20 CVE-2024-2627 Use After Free vulnerability in multiple products
Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
2024-03-20 CVE-2024-2628 Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL.
network
low complexity
google fedoraproject
4.3
2024-03-20 CVE-2024-2629 Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
2024-03-20 CVE-2024-2630 Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
2024-03-20 CVE-2024-2631 Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google fedoraproject
4.3