Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-03	CVE-2023-42670	A flaw was found in Samba. network low complexity samba fedoraproject	6.5
2023-11-03	CVE-2023-4091	Incorrect Default Permissions vulnerability in multiple products A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". network low complexity samba fedoraproject redhat CWE-276	6.5
2023-11-01	CVE-2023-5480	Cross-site Scripting vulnerability in multiple products Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. network low complexity google debian fedoraproject CWE-79	6.1
2023-11-01	CVE-2023-5850	Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. network low complexity google debian fedoraproject	4.3
2023-11-01	CVE-2023-5851	Origin Validation Error vulnerability in multiple products Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. network low complexity google debian fedoraproject CWE-346	4.3
2023-11-01	CVE-2023-5853	Origin Validation Error vulnerability in multiple products Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. network low complexity google debian fedoraproject CWE-346	4.3
2023-11-01	CVE-2023-5858	Origin Validation Error vulnerability in multiple products Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. network low complexity google debian fedoraproject CWE-346	4.3
2023-11-01	CVE-2023-5859	Origin Validation Error vulnerability in multiple products Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. network low complexity google debian fedoraproject CWE-346	4.3
2023-10-31	CVE-2023-43796	Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. network low complexity matrix fedoraproject	5.3
2023-10-25	CVE-2023-5380	Use After Free vulnerability in multiple products A use-after-free flaw was found in the xorg-x11-server. local high complexity x-org redhat fedoraproject debian CWE-416	4.7