Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2023-03-23 CVE-2023-1544 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device.
local
low complexity
qemu fedoraproject CWE-770
6.3
6.3
2023-03-22 CVE-2023-28439 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor fedoraproject CWE-79
6.1
6.1
2023-03-21 CVE-2023-1528 Use After Free vulnerability in multiple products
Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2023-03-21 CVE-2023-1529 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device.
network
low complexity
google fedoraproject CWE-787
critical
 9.8
9.8
2023-03-21 CVE-2023-1530 Use After Free vulnerability in multiple products
Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2023-03-21 CVE-2023-1531 Use After Free vulnerability in multiple products
Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject chromium CWE-416
8.8
8.8
2023-03-21 CVE-2023-1532 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
8.8
8.8
2023-03-21 CVE-2023-1533 Use After Free vulnerability in multiple products
Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2023-03-21 CVE-2023-1534 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
8.8
8.8
2023-03-21 CVE-2022-42331 x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late.
local
low complexity
xen fedoraproject
5.5
5.5