Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-13 CVE-2023-4155 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel.
local
high complexity
linux redhat fedoraproject CWE-367
5.6
5.6
2023-09-12 CVE-2023-4813 Use After Free vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject netapp CWE-416
5.9
5.9
2023-09-12 CVE-2023-4900 Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4901 Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4902 Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4903 Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4904 Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4905 Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4906 Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4907 Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3