Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2023-06-06 CVE-2023-2602 Memory Leak vulnerability in multiple products
A vulnerability was found in the pthread_create() function in libcap.
3.3
2023-06-06 CVE-2023-2603 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in libcap.
7.8
2023-06-06 CVE-2023-33460 Memory Leak vulnerability in multiple products
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function.
network
low complexity
yajl-project fedoraproject debian CWE-401
6.5
2023-06-05 CVE-2023-3079 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2023-06-05 CVE-2023-34410 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2.
network
low complexity
debian fedoraproject qt CWE-295
5.3
2023-05-30 CVE-2023-34151 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick.
5.5
2023-05-30 CVE-2023-34152 OS Command Injection vulnerability in multiple products
A vulnerability was found in ImageMagick.
network
low complexity
imagemagick fedoraproject redhat CWE-78
critical
9.8
2023-05-30 CVE-2023-34153 Command Injection vulnerability in multiple products
A vulnerability was found in ImageMagick.
local
low complexity
imagemagick fedoraproject redhat CWE-77
7.8
2023-05-26 CVE-2023-28321 Improper Certificate Validation vulnerability in multiple products
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates.
network
high complexity
haxx debian fedoraproject netapp apple CWE-295
5.9
2023-05-26 CVE-2023-28322 An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback.
network
high complexity
haxx fedoraproject apple netapp
3.7