Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2023-04-18 CVE-2023-21955 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition).
network
low complexity
oracle fedoraproject netapp
4.9
4.9
2023-04-18 CVE-2023-21962 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services).
network
low complexity
oracle fedoraproject netapp
4.9
4.9
2023-04-17 CVE-2023-29197 Interpretation Conflict vulnerability in multiple products
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP.
network
low complexity
guzzlephp fedoraproject CWE-436
7.5
7.5
2023-04-15 CVE-2021-43612 Out-of-bounds Write vulnerability in multiple products
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
network
low complexity
lldpd-project fedoraproject CWE-787
7.5
7.5
2023-04-14 CVE-2023-2033 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-843
8.8
8.8
2023-04-12 CVE-2023-1906 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5
2023-04-12 CVE-2023-1994 Resource Exhaustion vulnerability in multiple products
GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-400
6.5
6.5
2023-04-12 CVE-2023-1992 Resource Exhaustion vulnerability in multiple products
RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-400
7.5
7.5
2023-04-12 CVE-2023-1993 Excessive Iteration vulnerability in multiple products
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-834
6.5
6.5
2023-04-12 CVE-2023-0004 A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software.
network
low complexity
paloaltonetworks fedoraproject
6.5
6.5