Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-30 | CVE-2024-1060 | Use After Free vulnerability in multiple products Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-01-30 | CVE-2024-1077 | Use After Free vulnerability in multiple products Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. | 8.8 |
| 2024-01-29 | CVE-2024-23334 | Path Traversal vulnerability in multiple products aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 7.5 |
| 2024-01-29 | CVE-2024-23829 | HTTP Request Smuggling vulnerability in multiple products aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 6.5 |
| 2024-01-29 | CVE-2023-40546 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in Shim when an error happened while creating a new ESL variable. | 5.5 |
| 2024-01-29 | CVE-2023-40549 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. | 5.5 |
| 2024-01-29 | CVE-2023-40550 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. | 5.5 |
| 2024-01-29 | CVE-2023-40551 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the MZ binary format in Shim. | 5.1 |
| 2024-01-29 | CVE-2023-40548 | Out-of-bounds Write vulnerability in multiple products A buffer overflow was found in Shim in the 32-bit system. | 7.4 |
| 2024-01-29 | CVE-2023-46838 | NULL Pointer Dereference vulnerability in multiple products Transmit requests in Xen's virtual network protocol can consist of multiple parts. | 7.5 |