Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-07 CVE-2023-1264 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
local
low complexity
vim fedoraproject CWE-476
5.5
5.5
2023-03-06 CVE-2021-20251 Race Condition vulnerability in multiple products
A flaw was found in samba.
network
high complexity
samba fedoraproject CWE-362
5.9
5.9
2023-02-28 CVE-2022-41727 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig.
local
low complexity
golang fedoraproject CWE-770
5.5
5.5
2023-02-27 CVE-2023-1055 Improper Certificate Validation vulnerability in multiple products
A flaw was found in RHDS 11 and RHDS 12.
local
low complexity
redhat fedoraproject CWE-295
5.5
5.5
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian netapp splunk CWE-770
6.5
6.5
2023-02-08 CVE-2023-0003 Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.
network
low complexity
paloaltonetworks fedoraproject CWE-610
6.5
6.5
2023-02-03 CVE-2023-25136 Double Free vulnerability in multiple products
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling.
network
high complexity
openbsd fedoraproject netapp CWE-415
6.5
6.5
2023-02-02 CVE-2022-3560 Path Traversal vulnerability in multiple products
A flaw was found in pesign.
local
low complexity
pesign-project fedoraproject redhat CWE-22
5.5
5.5
2023-01-30 CVE-2022-48303 Out-of-bounds Read vulnerability in multiple products
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump.
local
low complexity
gnu fedoraproject CWE-125
5.5
5.5
2023-01-27 CVE-2022-4285 NULL Pointer Dereference vulnerability in multiple products
An illegal memory access flaw was found in the binutils package.
local
low complexity
gnu fedoraproject redhat CWE-476
5.5
5.5