High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-15	CVE-2023-38039	Allocation of Resources Without Limits or Throttling vulnerability in multiple products When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. network low complexity haxx fedoraproject microsoft CWE-770	7.5
2023-09-12	CVE-2023-4863	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. network low complexity google fedoraproject debian mozilla microsoft webmproject netapp bentley bandisoft CWE-787	8.8
2023-09-09	CVE-2023-41915	Race Condition vulnerability in multiple products OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. network high complexity openpmix fedoraproject debian CWE-362	8.1
2023-09-05	CVE-2023-39357	Cacti is an open source operational monitoring and fault management framework. network low complexity cacti fedoraproject	8.8
2023-09-05	CVE-2023-39358	Cacti is an open source operational monitoring and fault management framework. network low complexity cacti fedoraproject	8.8
2023-09-05	CVE-2023-39362	Cacti is an open source operational monitoring and fault management framework. network low complexity cacti fedoraproject	7.2
2023-09-05	CVE-2023-4761	Out-of-bounds Read vulnerability in multiple products Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian fedoraproject CWE-125	8.1
2023-09-05	CVE-2023-4762	Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian fedoraproject microsoft CWE-843	8.8
2023-09-05	CVE-2023-39359	Cacti is an open source operational monitoring and fault management framework. network low complexity cacti fedoraproject	8.8
2023-09-05	CVE-2023-41909	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in FRRouting FRR through 9.0. network low complexity frrouting debian fedoraproject CWE-476	7.5