VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Fedoraproject
>
Fedora
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-02-19
CVE-2024-25979
The URL parameters accepted by forum search were not limited to the allowed parameters.
network
low complexity
moodle
fedoraproject
5.3
5.3
2024-02-19
CVE-2024-25980
Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups.
network
low complexity
moodle
fedoraproject
5.3
5.3
2024-02-19
CVE-2024-25981
Separate Groups mode restrictions were not honored when performing a forum export, which would export forum data for all groups.
network
low complexity
moodle
fedoraproject
5.3
5.3
2024-02-19
CVE-2024-25983
Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).
network
low complexity
moodle
fedoraproject
CWE-639
5.3
5.3
2024-02-12
CVE-2023-6681
A vulnerability was found in JWCrypto.
network
low complexity
latchset
redhat
fedoraproject
5.3
5.3
2024-02-12
CVE-2023-52429
Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
local
low complexity
linux
fedoraproject
CWE-754
5.5
5.5
2024-02-11
CVE-2024-1151
Out-of-bounds Write vulnerability in multiple products
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel.
local
low complexity
debian
redhat
fedoraproject
linux
CWE-787
5.5
5.5
2024-02-08
CVE-2024-1312
A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function.
local
high complexity
linux
fedoraproject
4.7
4.7
2024-02-06
CVE-2024-0690
Improper Encoding or Escaping of Output vulnerability in multiple products
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios.
local
low complexity
redhat
fedoraproject
CWE-116
5.5
5.5
2024-01-31
CVE-2023-6780
An integer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu
fedoraproject
5.3
5.3
«
Previous
1
2
...
5
6
7
(current)
8
9
...
186
187
»
Next