Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-12	CVE-2023-1906	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. local low complexity imagemagick fedoraproject CWE-787	5.5
2023-04-12	CVE-2023-1994	Resource Exhaustion vulnerability in multiple products GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file network low complexity wireshark debian fedoraproject CWE-400	6.5
2023-04-12	CVE-2023-1993	Excessive Iteration vulnerability in multiple products LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file network low complexity wireshark debian fedoraproject CWE-834	6.5
2023-04-12	CVE-2023-0004	A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software. network low complexity paloaltonetworks fedoraproject	6.5
2023-04-04	CVE-2023-1813	Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. network low complexity google fedoraproject debian	6.5
2023-04-04	CVE-2023-1814	Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. network low complexity google fedoraproject debian	6.5
2023-04-04	CVE-2023-1816	Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. network low complexity google fedoraproject debian	6.5
2023-04-04	CVE-2023-1817	Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google fedoraproject debian	6.5
2023-04-04	CVE-2023-1819	Out-of-bounds Read vulnerability in multiple products Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. network low complexity google fedoraproject debian CWE-125	6.5
2023-04-04	CVE-2023-1821	Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google fedoraproject debian	6.5