Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-05 | CVE-2023-41175 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. | 6.5 |
| 2023-10-05 | CVE-2023-42754 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. | 5.5 |
| 2023-10-04 | CVE-2023-3428 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. | 5.5 |
| 2023-10-04 | CVE-2023-3576 | Memory Leak vulnerability in multiple products A memory leak flaw was found in Libtiff's tiffcrop utility. | 5.5 |
| 2023-09-28 | CVE-2023-42756 | Race Condition vulnerability in multiple products A flaw was found in the Netfilter subsystem of the Linux kernel. | 4.7 |
| 2023-09-27 | CVE-2023-42822 | Out-of-bounds Read vulnerability in multiple products xrdp is an open source remote desktop protocol server. | 6.5 |
| 2023-09-27 | CVE-2023-42453 | Improper Authorization vulnerability in multiple products Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. | 4.3 |
| 2023-09-27 | CVE-2023-5169 | Out-of-bounds Write vulnerability in multiple products A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. | 6.5 |
| 2023-09-27 | CVE-2023-5171 | Use After Free vulnerability in multiple products During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. | 6.5 |
| 2023-09-22 | CVE-2023-42811 | Improper Verification of Cryptographic Signature vulnerability in multiple products aes-gcm is a pure Rust implementation of the AES-GCM. | 5.5 |