Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-03 | CVE-2023-2467 | Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. | 4.3 |
| 2023-05-03 | CVE-2023-2468 | Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. | 4.3 |
| 2023-05-02 | CVE-2023-30943 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. | 5.3 |
| 2023-05-02 | CVE-2023-30944 | SQL Injection vulnerability in multiple products The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. | 7.3 |
| 2023-04-26 | CVE-2023-1786 | Information Exposure Through Log Files vulnerability in multiple products Sensitive data could be exposed in logs of cloud-init before version 23.1.2. | 5.5 |
| 2023-04-25 | CVE-2023-29007 | Injection vulnerability in multiple products Git is a revision control system. | 7.8 |
| 2023-04-25 | CVE-2023-2269 | Improper Locking vulnerability in multiple products A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. | 4.4 |
| 2023-04-25 | CVE-2023-25652 | Path Traversal vulnerability in multiple products Git is a revision control system. | 7.5 |
| 2023-04-25 | CVE-2023-25815 | Use of Externally-Controlled Format String vulnerability in multiple products In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. | 2.2 |
| 2023-04-25 | CVE-2022-42335 | NULL Pointer Dereference vulnerability in multiple products x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. | 7.8 |