Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2023-03-30 CVE-2023-26117 Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression.
network
low complexity
angularjs fedoraproject
5.3
5.3
2023-03-30 CVE-2023-26118 Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality.
network
low complexity
angularjs fedoraproject
5.3
5.3
2023-03-29 CVE-2023-0664 Improper Privilege Management vulnerability in multiple products
A flaw was found in the QEMU Guest Agent service for Windows.
local
low complexity
qemu redhat fedoraproject CWE-269
7.8
7.8
2023-03-28 CVE-2023-28447 Cross-site Scripting vulnerability in multiple products
Smarty is a template engine for PHP.
network
low complexity
smarty fedoraproject CWE-79
6.1
6.1
2023-03-27 CVE-2023-0179 Integer Overflow or Wraparound vulnerability in multiple products
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel.
local
low complexity
linux canonical fedoraproject redhat CWE-190
7.8
7.8
2023-03-27 CVE-2021-3923 A flaw was found in the Linux kernel's implementation of RDMA over infiniband.
local
low complexity
redhat fedoraproject
2.3
2.3
2023-03-27 CVE-2023-0494 Use After Free vulnerability in multiple products
A vulnerability was found in X.Org.
local
low complexity
x-org fedoraproject redhat CWE-416
7.8
7.8
2023-03-27 CVE-2023-1073 Out-of-bounds Write vulnerability in multiple products
A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. 		6.6
6.6
2023-03-24 CVE-2023-28686 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message.
network
low complexity
dino fedoraproject debian CWE-639
7.1
7.1
2023-03-23 CVE-2023-0056 Resource Exhaustion vulnerability in multiple products
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service.
network
low complexity
haproxy redhat fedoraproject CWE-400
6.5
6.5