Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-19	CVE-2023-2134	Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject CWE-787	8.8
2023-04-19	CVE-2023-2135	Use After Free vulnerability in multiple products Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. network high complexity google debian fedoraproject CWE-416	7.5
2023-04-19	CVE-2023-2136	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google debian fedoraproject CWE-190 critical	9.6
2023-04-19	CVE-2023-2137	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject CWE-787	8.8
2023-04-18	CVE-2023-28856	Reachable Assertion vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. network low complexity redis debian fedoraproject CWE-617	6.5
2023-04-17	CVE-2023-29197	guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. network low complexity guzzlephp fedoraproject	7.5
2023-04-15	CVE-2021-43612	Out-of-bounds Write vulnerability in multiple products In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets. network low complexity lldpd-project fedoraproject CWE-787	7.5
2023-04-14	CVE-2023-2033	Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject couchbase CWE-843	8.8
2023-04-12	CVE-2023-1906	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. local low complexity imagemagick fedoraproject CWE-787	5.5
2023-04-12	CVE-2023-1994	Resource Exhaustion vulnerability in multiple products GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file network low complexity wireshark debian fedoraproject CWE-400	6.5