Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2023-05-16 CVE-2023-2726 Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page.
network
low complexity
google debian fedoraproject
8.8
8.8
2023-05-15 CVE-2023-1729 Out-of-bounds Write vulnerability in multiple products
A flaw was found in LibRaw.
network
low complexity
libraw fedoraproject redhat CWE-787
6.5
6.5
2023-05-15 CVE-2023-2700 Memory Leak vulnerability in multiple products
A vulnerability was found in libvirt.
local
low complexity
redhat fedoraproject CWE-401
5.5
5.5
2023-05-10 CVE-2023-32570 Race Condition vulnerability in multiple products
VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.
network
high complexity
videolan fedoraproject CWE-362
5.9
5.9
2023-05-09 CVE-2023-2156 Reachable Assertion vulnerability in multiple products
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol.
network
low complexity
linux redhat fedoraproject debian CWE-617
7.5
7.5
2023-05-09 CVE-2023-2609 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
local
low complexity
vim fedoraproject CWE-476
5.5
5.5
2023-05-09 CVE-2023-31489 An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.
local
low complexity
frrouting fedoraproject
5.5
5.5
2023-05-09 CVE-2023-31490 An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.
network
low complexity
frrouting debian fedoraproject
7.5
7.5
2023-05-09 CVE-2023-31137 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
MaraDNS is open-source software that implements the Domain Name System (DNS).
network
low complexity
maradns fedoraproject debian CWE-191
7.5
7.5
2023-05-07 CVE-2023-31047 Improper Input Validation vulnerability in multiple products
In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files.
network
low complexity
djangoproject fedoraproject CWE-20
critical
 9.8
9.8