High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-28	CVE-2023-27320	Double Free vulnerability in multiple products Sudo before 1.9.13p2 has a double free in the per-command chroot feature. network low complexity sudo-project fedoraproject CWE-415	7.2
2023-02-20	CVE-2023-26081	Exposure of Resource to Wrong Sphere vulnerability in multiple products In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. network low complexity gnome fedoraproject CWE-668	7.5
2023-02-17	CVE-2023-24329	Improper Input Validation vulnerability in multiple products An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. network low complexity python fedoraproject netapp CWE-20	7.5
2023-02-15	CVE-2023-0361	Information Exposure Through Discrepancy vulnerability in multiple products A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. network high complexity gnu redhat debian fedoraproject netapp CWE-203	7.4
2023-02-07	CVE-2022-46663	In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. network low complexity gnu fedoraproject	7.5
2023-02-04	CVE-2023-25193	Allocation of Resources Without Limits or Throttling vulnerability in multiple products hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. network low complexity harfbuzz-project fedoraproject CWE-770	7.5
2023-01-20	CVE-2022-47021	NULL Pointer Dereference vulnerability in multiple products A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts. local low complexity xiph fedoraproject CWE-476	7.8
2023-01-18	CVE-2023-22809	Improper Privilege Management vulnerability in multiple products In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. local low complexity sudo-project debian fedoraproject apple CWE-269	7.8
2023-01-17	CVE-2022-47318	ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. network low complexity ruby-git-project debian fedoraproject	8.0
2023-01-10	CVE-2022-4379	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. network low complexity linux fedoraproject CWE-416	7.5