Vulnerabilities > Fedoraproject > Fedora > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-18 | CVE-2024-0607 | A flaw was found in the Netfilter subsystem in the Linux kernel. | 6.6 |
2024-01-16 | CVE-2024-0232 | Use After Free vulnerability in multiple products A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. | 5.5 |
2024-01-15 | CVE-2023-4001 | Authentication Bypass by Spoofing vulnerability in multiple products An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. | 6.8 |
2024-01-12 | CVE-2024-23301 | Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. | 5.5 |
2024-01-12 | CVE-2024-0443 | Exposure of Resource to Wrong Sphere vulnerability in multiple products A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. | 5.5 |
2024-01-10 | CVE-2024-0333 | Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. | 5.3 |
2024-01-10 | CVE-2023-5455 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. | 6.5 |
2024-01-03 | CVE-2023-6004 | Injection vulnerability in multiple products A flaw was found in libssh. | 4.8 |
2024-01-02 | CVE-2023-6693 | Out-of-bounds Write vulnerability in multiple products A stack based buffer overflow was found in the virtio-net device of QEMU. | 5.3 |
2023-12-24 | CVE-2023-51766 | Insufficient Verification of Data Authenticity vulnerability in multiple products Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. | 5.3 |