Vulnerabilities > Fedoraproject > Fedora > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-10 CVE-2023-41056 Redis is an in-memory database that persists on disk.
network
high complexity
redis fedoraproject
8.1
8.1
2024-01-08 CVE-2021-3600 Out-of-bounds Write vulnerability in multiple products
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations.
local
low complexity
linux canonical fedoraproject redhat CWE-787
7.8
7.8
2024-01-04 CVE-2023-6270 Use After Free vulnerability in multiple products
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel.
local
high complexity
linux fedoraproject CWE-416
7.0
7.0
2024-01-04 CVE-2024-0222 Use After Free vulnerability in multiple products
Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-01-04 CVE-2024-0223 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2024-01-04 CVE-2024-0224 Use After Free vulnerability in multiple products
Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-01-04 CVE-2024-0225 Use After Free vulnerability in multiple products
Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2023-12-29 CVE-2023-7104 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical.
network
low complexity
sqlite fedoraproject CWE-119
7.3
7.3
2023-12-24 CVE-2023-7101 Code Injection vulnerability in multiple products
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files.
local
low complexity
jmcnamara debian fedoraproject CWE-94
7.8
7.8
2023-12-24 CVE-2023-51767 OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit.
local
high complexity
openbsd fedoraproject redhat
7.0
7.0