Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2024-1062 Heap-based Buffer Overflow vulnerability in multiple products
A heap overflow flaw was found in 389-ds-base.
local
low complexity
redhat fedoraproject CWE-122
5.5
5.5
2024-02-12 CVE-2023-52429 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
local
low complexity
linux fedoraproject CWE-754
5.5
5.5
2024-02-11 CVE-2024-1151 Out-of-bounds Write vulnerability in multiple products
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel.
local
low complexity
debian redhat fedoraproject linux CWE-787
5.5
5.5
2024-02-09 CVE-2024-0229 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds memory access flaw was found in the X.Org server.
local
low complexity
x-org fedoraproject redhat CWE-787
7.8
7.8
2024-02-08 CVE-2024-1312 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function.
local
high complexity
linux fedoraproject CWE-416
4.7
4.7
2024-02-07 CVE-2024-20290 Out-of-bounds Read vulnerability in multiple products
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read.
network
low complexity
cisco fedoraproject CWE-125
7.5
7.5
2024-02-07 CVE-2024-1283 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
critical
 9.8
9.8
2024-02-07 CVE-2024-1284 Use After Free vulnerability in multiple products
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
critical
 9.8
9.8
2024-02-06 CVE-2024-1048 Incomplete Cleanup vulnerability in multiple products
A flaw was found in the grub2-set-bootflag utility of grub2.
local
low complexity
gnu redhat fedoraproject CWE-459
3.3
3.3
2024-02-06 CVE-2024-0690 Improper Encoding or Escaping of Output vulnerability in multiple products
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios.
local
low complexity
redhat fedoraproject CWE-116
5.5
5.5