Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-26 | CVE-2023-1981 | Resource Exhaustion vulnerability in multiple products A vulnerability was found in the avahi library. | 5.5 |
| 2023-05-26 | CVE-2023-2283 | Improper Authentication vulnerability in multiple products A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. | 6.5 |
| 2023-05-26 | CVE-2023-32681 | Information Exposure vulnerability in multiple products Requests is a HTTP library. | 6.1 |
| 2023-05-25 | CVE-2023-31130 | Out-of-bounds Write vulnerability in multiple products c-ares is an asynchronous resolver library. | 6.4 |
| 2023-05-25 | CVE-2023-31147 | Use of Insufficiently Random Values vulnerability in multiple products c-ares is an asynchronous resolver library. | 6.5 |
| 2023-05-17 | CVE-2023-2731 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. | 5.5 |
| 2023-05-15 | CVE-2023-1729 | Out-of-bounds Write vulnerability in multiple products A flaw was found in LibRaw. | 6.5 |
| 2023-05-15 | CVE-2023-2700 | Memory Leak vulnerability in multiple products A vulnerability was found in libvirt. | 5.5 |
| 2023-05-10 | CVE-2023-32570 | Race Condition vulnerability in multiple products VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit. | 5.9 |
| 2023-05-09 | CVE-2023-2609 | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. | 5.5 |