Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-06 | CVE-2024-2176 | Use After Free vulnerability in multiple products Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-03-03 | CVE-2024-28084 | Improper Initialization vulnerability in multiple products p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails. | 7.5 |
| 2024-02-29 | CVE-2024-1938 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 8.8 |
| 2024-02-29 | CVE-2024-1939 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-02-26 | CVE-2024-23835 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
| 2024-02-26 | CVE-2024-23836 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
| 2024-02-26 | CVE-2024-23837 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products LibHTP is a security-aware parser for the HTTP protocol. | 7.5 |
| 2024-02-26 | CVE-2024-23839 | Use After Free vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 8.1 |
| 2024-02-23 | CVE-2024-27318 | Path Traversal vulnerability in multiple products Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. | 7.5 |
| 2024-02-21 | CVE-2024-1669 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | 8.8 |