Vulnerabilities > Fedoraproject > Fedora > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-29007 Git is a revision control system.
local
low complexity
git-scm fedoraproject
7.8
7.8
2023-04-25 CVE-2023-25652 Git is a revision control system.
network
low complexity
git-scm fedoraproject
7.5
7.5
2023-04-25 CVE-2022-42335 NULL Pointer Dereference vulnerability in multiple products
x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode.
local
low complexity
xen fedoraproject CWE-476
7.8
7.8
2023-04-19 CVE-2023-2133 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-19 CVE-2023-2134 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-19 CVE-2023-2135 Use After Free vulnerability in multiple products
Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page.
network
high complexity
google debian fedoraproject CWE-416
7.5
7.5
2023-04-19 CVE-2023-2137 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-17 CVE-2023-29197 guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP.
network
low complexity
guzzlephp fedoraproject
7.5
7.5
2023-04-15 CVE-2021-43612 Out-of-bounds Write vulnerability in multiple products
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
network
low complexity
lldpd-project fedoraproject CWE-787
7.5
7.5
2023-04-14 CVE-2023-2033 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject couchbase CWE-843
8.8
8.8