Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-16 CVE-2023-3195 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5
2023-06-16 CVE-2023-2431 A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement.
local
low complexity
kubernetes fedoraproject
5.5
5.5
2023-06-12 CVE-2023-3161 Incorrect Calculation vulnerability in multiple products
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel.
local
low complexity
linux fedoraproject redhat CWE-682
5.5
5.5
2023-06-09 CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles.
network
low complexity
postgresql redhat fedoraproject
5.4
5.4
2023-06-09 CVE-2023-32732 gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies.
network
low complexity
grpc fedoraproject
5.3
5.3
2023-06-08 CVE-2023-34969 D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon.
network
low complexity
freedesktop fedoraproject debian
6.5
6.5
2023-06-06 CVE-2023-33460 Memory Leak vulnerability in multiple products
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function.
network
low complexity
yajl-project fedoraproject debian CWE-401
6.5
6.5
2023-05-30 CVE-2023-34151 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick.
local
low complexity
imagemagick fedoraproject redhat CWE-190
5.5
5.5
2023-05-26 CVE-2023-28321 Improper Certificate Validation vulnerability in multiple products
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates.
network
high complexity
haxx debian fedoraproject netapp apple CWE-295
5.9
5.9
2023-05-26 CVE-2023-1667 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference was found In libssh during re-keying with algorithm guessing.
network
low complexity
libssh fedoraproject debian redhat CWE-476
6.5
6.5