Vulnerabilities > Fedoraproject
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-03 | CVE-2024-0217 | Use After Free vulnerability in multiple products A use-after-free flaw was found in PackageKitd. | 3.3 |
2024-01-02 | CVE-2023-6693 | Out-of-bounds Write vulnerability in multiple products A stack based buffer overflow was found in the virtio-net device of QEMU. | 5.3 |
2023-12-29 | CVE-2023-7104 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. | 7.3 |
2023-12-27 | CVE-2023-6879 | Out-of-bounds Write vulnerability in multiple products Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc(). | 9.8 |
2023-12-24 | CVE-2023-7101 | Code Injection vulnerability in multiple products Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. | 7.8 |
2023-12-24 | CVE-2023-51767 | OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. | 7.0 |
2023-12-24 | CVE-2023-51766 | Insufficient Verification of Data Authenticity vulnerability in multiple products Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. | 5.3 |
2023-12-24 | CVE-2023-51764 | Insufficient Verification of Data Authenticity vulnerability in multiple products Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). | 5.3 |
2023-12-21 | CVE-2023-7024 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2023-12-21 | CVE-2023-6546 | Race Condition vulnerability in multiple products A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. | 7.0 |