VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Fedoraproject
>
Fedora
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-01-31
CVE-2023-6780
Incorrect Calculation of Buffer Size vulnerability in multiple products
An integer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu
fedoraproject
CWE-131
5.3
5.3
2024-01-29
CVE-2024-23829
HTTP Request Smuggling vulnerability in multiple products
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp
fedoraproject
CWE-444
6.5
6.5
2024-01-29
CVE-2023-40546
NULL Pointer Dereference vulnerability in multiple products
A flaw was found in Shim when an error happened while creating a new ESL variable.
local
low complexity
redhat
fedoraproject
CWE-476
5.5
5.5
2024-01-29
CVE-2023-40549
Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary.
local
low complexity
redhat
fedoraproject
CWE-125
5.5
5.5
2024-01-29
CVE-2023-40550
Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information.
local
low complexity
redhat
fedoraproject
CWE-125
5.5
5.5
2024-01-29
CVE-2023-40551
Out-of-bounds Read vulnerability in multiple products
A flaw was found in the MZ binary format in Shim.
local
low complexity
redhat
fedoraproject
CWE-125
5.1
5.1
2024-01-24
CVE-2024-0805
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name.
network
low complexity
google
fedoraproject
4.3
4.3
2024-01-24
CVE-2024-0809
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page.
network
low complexity
google
fedoraproject
4.3
4.3
2024-01-24
CVE-2024-0811
Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.
network
low complexity
google
fedoraproject
4.3
4.3
2024-01-24
CVE-2024-0814
Origin Validation Error vulnerability in multiple products
Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page.
network
low complexity
google
fedoraproject
CWE-346
6.5
6.5
«
Previous
1
2
(current)
3
4
5
...
217
218
»
Next