Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2024-03-07 CVE-2024-1931 Infinite Loop vulnerability in multiple products
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop.
network
low complexity
nlnetlabs fedoraproject CWE-835
7.5
7.5
2024-03-06 CVE-2024-25111 Squid is a web proxy cache.
network
low complexity
squid-cache fedoraproject netapp
7.5
7.5
2024-03-06 CVE-2024-2173 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2024-03-06 CVE-2024-2174 Out-of-bounds Write vulnerability in multiple products
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2024-03-06 CVE-2024-2176 Use After Free vulnerability in multiple products
Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-03-03 CVE-2024-28084 Improper Initialization vulnerability in multiple products
p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails.
network
low complexity
intel fedoraproject CWE-665
7.5
7.5
2024-02-29 CVE-2024-24246 Out-of-bounds Write vulnerability in multiple products
Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.
local
low complexity
qpdf-project fedoraproject CWE-787
5.5
5.5
2024-02-29 CVE-2024-1938 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2024-02-29 CVE-2024-1939 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2024-02-28 CVE-2024-27285 Cross-site Scripting vulnerability in multiple products
YARD is a Ruby Documentation tool.
network
low complexity
yardoc fedoraproject debian CWE-79
6.1
6.1