Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2023-07-29 CVE-2022-4907 Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google fedoraproject debian
8.8
2023-07-29 CVE-2022-4917 Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
2023-07-29 CVE-2022-4926 Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
2023-07-25 CVE-2023-3772 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem).
local
low complexity
redhat fedoraproject linux debian CWE-476
4.4
2023-07-25 CVE-2023-3773 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem).
local
low complexity
redhat fedoraproject linux debian CWE-125
4.4
2023-07-24 CVE-2023-1386 Improper Preservation of Permissions vulnerability in multiple products
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU.
local
low complexity
qemu fedoraproject CWE-281
7.8
2023-07-24 CVE-2023-38200 Excessive Iteration vulnerability in multiple products
A flaw was found in Keylime.
network
low complexity
keylime redhat fedoraproject CWE-834
7.5
2023-07-22 CVE-2023-38633 Path Traversal vulnerability in multiple products
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
local
low complexity
gnome fedoraproject debian CWE-22
5.5
2023-07-20 CVE-2022-2127 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c.
network
high complexity
samba redhat fedoraproject debian CWE-125
5.9
2023-07-20 CVE-2023-34966 Infinite Loop vulnerability in multiple products
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight.
network
low complexity
samba fedoraproject redhat debian CWE-835
7.5