Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-5169 | Out-of-bounds Write vulnerability in multiple products A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. | 6.5 |
| 2023-09-27 | CVE-2023-5171 | Use After Free vulnerability in multiple products During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. | 6.5 |
| 2023-09-27 | CVE-2023-35074 | The issue was addressed with improved memory handling. | 8.8 |
| 2023-09-25 | CVE-2022-4318 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products A vulnerability was found in cri-o. | 7.8 |
| 2023-09-25 | CVE-2023-4156 | Out-of-bounds Read vulnerability in multiple products A heap out-of-bounds read flaw was found in builtin.c in the gawk package. | 7.1 |
| 2023-09-22 | CVE-2023-42811 | Improper Verification of Cryptographic Signature vulnerability in multiple products aes-gcm is a pure Rust implementation of the AES-GCM. | 5.5 |
| 2023-09-22 | CVE-2023-5002 | A flaw was found in pgAdmin. | 8.8 |
| 2023-09-22 | CVE-2023-43090 | A vulnerability was found in GNOME Shell. | 5.5 |
| 2023-09-21 | CVE-2023-4504 | Out-of-bounds Write vulnerability in multiple products Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. | 7.0 |
| 2023-09-21 | CVE-2023-41993 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The issue was addressed with improved checks. | 8.8 |