Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-15	CVE-2023-4001	Authentication Bypass by Spoofing vulnerability in multiple products An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. low complexity gnu redhat fedoraproject CWE-290	6.8
2024-01-12	CVE-2024-23301	Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. local low complexity relax-and-recover suse redhat fedoraproject	5.5
2024-01-12	CVE-2024-0443	Exposure of Resource to Wrong Sphere vulnerability in multiple products A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. local low complexity linux redhat fedoraproject CWE-668	5.5
2024-01-10	CVE-2024-0333	Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. network high complexity google fedoraproject	5.3
2024-01-10	CVE-2023-41056	Mismatched Memory Management Routines vulnerability in multiple products Redis is an in-memory database that persists on disk. network high complexity redis fedoraproject CWE-762	8.1
2024-01-10	CVE-2023-5455	Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. network low complexity freeipa fedoraproject redhat CWE-352	6.5
2024-01-08	CVE-2021-3600	Out-of-bounds Write vulnerability in multiple products It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. local low complexity linux canonical fedoraproject redhat CWE-787	7.8
2024-01-04	CVE-2023-6270	Use After Free vulnerability in multiple products A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. local high complexity linux fedoraproject CWE-416	7.0
2024-01-04	CVE-2024-0222	Use After Free vulnerability in multiple products Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2024-01-04	CVE-2024-0223	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-787	8.8

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject