Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2023-08-04 CVE-2023-4135 Out-of-bounds Read vulnerability in multiple products
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU.
local
low complexity
qemu fedoraproject CWE-125
6.5
6.5
2023-08-03 CVE-2023-3180 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req.
local
low complexity
qemu fedoraproject debian CWE-787
6.5
6.5
2023-08-03 CVE-2023-4132 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel.
local
low complexity
linux redhat fedoraproject debian CWE-416
5.5
5.5
2023-08-03 CVE-2023-4133 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-416
5.5
5.5
2023-08-03 CVE-2023-4073 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-119
8.8
8.8
2023-08-02 CVE-2023-29407 Excessive Iteration vulnerability in multiple products
A maliciously-crafted image can cause excessive CPU consumption in decoding.
network
low complexity
golang fedoraproject CWE-834
6.5
6.5
2023-08-02 CVE-2023-29408 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The TIFF decoder does not place a limit on the size of compressed tile data.
network
low complexity
golang fedoraproject CWE-770
6.5
6.5
2023-08-02 CVE-2023-4016 Out-of-bounds Write vulnerability in multiple products
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
local
low complexity
procps-project fedoraproject CWE-787
3.3
3.3
2023-08-01 CVE-2023-38559 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript.
local
low complexity
artifex redhat fedoraproject debian CWE-120
5.5
5.5
2023-07-31 CVE-2023-4004 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. 		7.8
7.8