Vulnerabilities > Fedoraproject > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-40186 Integer Overflow or Wraparound vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-190
critical
9.8
2023-08-31 CVE-2023-40181 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-191
critical
9.1
2023-08-31 CVE-2023-39356 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-125
critical
9.1
2023-08-31 CVE-2023-39353 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-125
critical
9.1
2023-08-31 CVE-2023-39352 Out-of-bounds Write vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-787
critical
9.8
2023-08-29 CVE-2023-41360 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in FRRouting FRR through 9.0.
network
low complexity
frrouting debian fedoraproject CWE-125
critical
9.1
2023-08-29 CVE-2023-41359 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in FRRouting FRR through 9.0.
network
low complexity
frrouting fedoraproject CWE-125
critical
9.1
2023-08-14 CVE-2023-4322 Out-of-bounds Write vulnerability in multiple products
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
network
low complexity
radare fedoraproject CWE-787
critical
9.8
2023-08-11 CVE-2023-3824 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. 
network
low complexity
php fedoraproject debian CWE-119
critical
9.8
2023-07-20 CVE-2023-38408 Unquoted Search Path or Element vulnerability in multiple products
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system.
network
low complexity
openbsd fedoraproject CWE-428
critical
9.8