Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2023-05-10 CVE-2023-32570 Race Condition vulnerability in multiple products
VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.
network
high complexity
videolan fedoraproject CWE-362
5.9
5.9
2023-05-09 CVE-2023-2156 Reachable Assertion vulnerability in multiple products
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol.
network
low complexity
linux redhat fedoraproject debian CWE-617
7.5
7.5
2023-05-09 CVE-2023-2609 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
local
low complexity
vim fedoraproject CWE-476
5.5
5.5
2023-05-09 CVE-2023-31489 An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.
local
low complexity
frrouting fedoraproject
5.5
5.5
2023-05-09 CVE-2023-31490 An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.
network
low complexity
frrouting debian fedoraproject
7.5
7.5
2023-05-09 CVE-2023-31137 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
MaraDNS is open-source software that implements the Domain Name System (DNS).
network
low complexity
maradns fedoraproject debian CWE-191
7.5
7.5
2023-05-07 CVE-2023-31047 Improper Input Validation vulnerability in multiple products
In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files.
network
low complexity
djangoproject fedoraproject CWE-20
critical
 9.8
9.8
2023-05-05 CVE-2023-29659 Divide By Zero vulnerability in multiple products
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.
network
low complexity
struktur fedoraproject CWE-369
6.5
6.5
2023-05-03 CVE-2023-2459 Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page.
network
low complexity
google debian fedoraproject
6.5
6.5
2023-05-03 CVE-2023-2460 Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page.
network
low complexity
google debian fedoraproject
7.1
7.1