Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2023-04-04 CVE-2023-1820 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
8.8
2023-04-04 CVE-2023-1821 Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google fedoraproject debian
6.5
6.5
2023-04-04 CVE-2023-1822 Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
network
low complexity
google fedoraproject debian
6.5
6.5
2023-04-04 CVE-2023-1823 Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
6.5
6.5
2023-04-03 CVE-2023-26916 NULL Pointer Dereference vulnerability in multiple products
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
network
low complexity
cesnet fedoraproject CWE-476
5.3
5.3
2023-04-03 CVE-2023-1611 Use After Free vulnerability in multiple products
A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea
local
high complexity
fedoraproject linux CWE-416
6.3
6.3
2023-04-03 CVE-2022-36440 Reachable Assertion vulnerability in multiple products
A reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function.
network
low complexity
frrouting fedoraproject debian CWE-617
7.5
7.5
2023-03-31 CVE-2023-29141 An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3.
network
low complexity
mediawiki fedoraproject
critical
 9.8
9.8
2023-03-31 CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1.
network
low complexity
ruby-lang debian fedoraproject
5.3
5.3
2023-03-31 CVE-2023-28756 A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1.
network
low complexity
ruby-lang debian fedoraproject
5.3
5.3