Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-29 | CVE-2022-4917 | Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page. | 4.3 |
| 2023-07-29 | CVE-2022-4926 | Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 6.5 |
| 2023-07-25 | CVE-2023-37920 | Insufficient Verification of Data Authenticity vulnerability in multiple products Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. | 9.8 |
| 2023-07-25 | CVE-2023-3772 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). | 4.4 |
| 2023-07-25 | CVE-2023-3773 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). | 4.4 |
| 2023-07-24 | CVE-2023-1386 | Improper Preservation of Permissions vulnerability in multiple products A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. | 7.8 |
| 2023-07-24 | CVE-2023-38200 | Excessive Iteration vulnerability in multiple products A flaw was found in Keylime. | 7.5 |
| 2023-07-22 | CVE-2023-38633 | Path Traversal vulnerability in multiple products A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element. | 5.5 |
| 2023-07-20 | CVE-2022-2127 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. | 5.9 |
| 2023-07-20 | CVE-2023-34966 | Infinite Loop vulnerability in multiple products An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. | 7.5 |