Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-20 | CVE-2023-38408 | Unquoted Search Path or Element vulnerability in multiple products The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. | 9.8 |
| 2023-07-19 | CVE-2023-3674 | A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. | 2.8 |
| 2023-07-18 | CVE-2023-0160 | Improper Locking vulnerability in multiple products A deadlock flaw was found in the Linux kernel’s BPF subsystem. | 5.5 |
| 2023-07-17 | CVE-2023-38403 | Integer Overflow or Wraparound vulnerability in multiple products iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. | 7.5 |
| 2023-07-14 | CVE-2023-38252 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. | 5.5 |
| 2023-07-14 | CVE-2023-38253 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. | 5.5 |
| 2023-07-13 | CVE-2022-24834 | Redis is an in-memory database that persists on disk. | 8.8 |
| 2023-07-12 | CVE-2023-3106 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference vulnerability was found in netlink_dump. | 7.8 |
| 2023-07-11 | CVE-2023-36824 | Redis is an in-memory database that persists on disk. | 8.8 |
| 2023-07-11 | CVE-2023-3354 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the QEMU built-in VNC server. | 7.5 |