Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-29 | CVE-2023-43655 | Injection vulnerability in multiple products Composer is a dependency manager for PHP. | 8.8 |
| 2023-09-28 | CVE-2023-5186 | Use After Free vulnerability in multiple products Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. | 8.8 |
| 2023-09-28 | CVE-2023-5187 | Use After Free vulnerability in multiple products Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-09-28 | CVE-2023-42756 | Race Condition vulnerability in multiple products A flaw was found in the Netfilter subsystem of the Linux kernel. | 4.7 |
| 2023-09-27 | CVE-2023-42822 | Out-of-bounds Read vulnerability in multiple products xrdp is an open source remote desktop protocol server. | 6.5 |
| 2023-09-27 | CVE-2023-41074 | The issue was addressed with improved checks. | 8.8 |
| 2023-09-27 | CVE-2023-41335 | Cleartext Storage of Sensitive Information vulnerability in multiple products Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. | 3.7 |
| 2023-09-27 | CVE-2023-42453 | Improper Authorization vulnerability in multiple products Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. | 4.3 |
| 2023-09-27 | CVE-2023-5157 | A vulnerability was found in MariaDB. | 7.5 |