Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2023-52429 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
local
low complexity
linux fedoraproject CWE-754
5.5
2024-02-08 CVE-2024-1312 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function.
local
high complexity
linux fedoraproject CWE-416
4.7
2024-02-06 CVE-2024-0690 Improper Encoding or Escaping of Output vulnerability in multiple products
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios.
local
low complexity
redhat fedoraproject CWE-116
5.5
2024-01-31 CVE-2023-6780 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject CWE-190
5.3
2024-01-29 CVE-2024-23829 HTTP Request Smuggling vulnerability in multiple products
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp fedoraproject CWE-444
6.5
2024-01-29 CVE-2023-40546 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in Shim when an error happened while creating a new ESL variable.
local
low complexity
redhat fedoraproject CWE-476
5.5
2024-01-29 CVE-2023-40549 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary.
local
low complexity
redhat fedoraproject CWE-125
5.5
2024-01-29 CVE-2023-40550 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information.
local
low complexity
redhat fedoraproject CWE-125
5.5
2024-01-24 CVE-2024-0805 Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name.
network
low complexity
google fedoraproject
4.3
2024-01-24 CVE-2024-0809 Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page.
network
low complexity
google fedoraproject
4.3