Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-15	CVE-2023-4361	Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. network low complexity google debian fedoraproject	5.3
2023-08-15	CVE-2023-4363	Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. network low complexity google debian fedoraproject	4.3
2023-08-15	CVE-2023-4364	Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. network low complexity google debian fedoraproject	4.3
2023-08-15	CVE-2023-4365	Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. network low complexity google debian fedoraproject	4.3
2023-08-15	CVE-2023-4366	Use After Free vulnerability in multiple products Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject CWE-416	8.8
2023-08-15	CVE-2023-4367	Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. network low complexity google debian fedoraproject	6.5
2023-08-15	CVE-2023-32003	Path Traversal vulnerability in multiple products `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. network low complexity nodejs fedoraproject CWE-22	5.3
2023-08-15	CVE-2023-32004	Path Traversal vulnerability in multiple products A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. network low complexity nodejs fedoraproject CWE-22	8.8
2023-08-15	CVE-2023-32006	The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. network low complexity nodejs fedoraproject	8.8
2023-08-14	CVE-2023-4322	Out-of-bounds Write vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. network low complexity radare fedoraproject CWE-787 critical	9.8

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject