Vulnerabilities > Fedoraproject > Fedora > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-04-22 CVE-2024-32459 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol.
network
low complexity
freerdp fedoraproject CWE-125
critical
 9.8
9.8
2024-04-22 CVE-2024-32458 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol.
network
low complexity
freerdp fedoraproject CWE-125
critical
 9.8
9.8
2024-04-22 CVE-2024-32041 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol.
network
low complexity
freerdp fedoraproject CWE-125
critical
 9.8
9.8
2024-04-22 CVE-2024-32040 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol.
network
low complexity
freerdp fedoraproject CWE-191
critical
 9.8
9.8
2024-04-22 CVE-2024-32039 Integer Overflow or Wraparound vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol.
network
low complexity
freerdp fedoraproject CWE-190
critical
 9.8
9.8
2024-04-10 CVE-2024-3157 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures.
network
low complexity
google fedoraproject CWE-787
critical
 9.6
9.6
2024-02-23 CVE-2024-27319 Out-of-bounds Read vulnerability in multiple products
Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.
network
low complexity
linuxfoundation fedoraproject CWE-125
critical
 9.1
9.1
2024-02-19 CVE-2024-1597 SQL Injection vulnerability in multiple products
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE.
network
low complexity
postgresql fedoraproject CWE-89
critical
 9.8
9.8
2024-02-07 CVE-2024-1284 Use After Free vulnerability in multiple products
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
 9.8
9.8
2024-02-07 CVE-2024-1283 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
critical
 9.8
9.8