Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-10 | CVE-2023-26590 | Incorrect Comparison vulnerability in multiple products A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. | 5.5 |
| 2023-07-10 | CVE-2023-32627 | Incorrect Comparison vulnerability in multiple products A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. | 5.5 |
| 2023-07-10 | CVE-2023-34318 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. | 7.8 |
| 2023-07-10 | CVE-2023-1183 | Path Traversal vulnerability in multiple products A flaw was found in the Libreoffice package. | 5.5 |
| 2023-07-06 | CVE-2023-35934 | Information Exposure vulnerability in multiple products yt-dlp is a command-line program to download videos from video sites. | 8.2 |
| 2023-07-05 | CVE-2023-31248 | Use After Free vulnerability in multiple products Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace | 7.8 |
| 2023-07-05 | CVE-2023-35001 | Out-of-bounds Write vulnerability in multiple products Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | 7.8 |
| 2023-07-03 | CVE-2023-36053 | In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. | 7.5 |
| 2023-07-01 | CVE-2023-30589 | The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. | 7.5 |
| 2023-06-30 | CVE-2023-1206 | Resource Exhaustion vulnerability in multiple products A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. | 5.7 |