Vulnerabilities > Fedoraproject > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2023-39356 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. | 9.1 |
| 2023-08-29 | CVE-2023-41359 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in FRRouting FRR through 9.0. | 9.1 |
| 2023-08-29 | CVE-2023-41360 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in FRRouting FRR through 9.0. | 9.1 |
| 2023-08-14 | CVE-2023-4322 | Out-of-bounds Write vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | 9.8 |
| 2023-08-11 | CVE-2023-3824 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. | 9.8 |
| 2023-07-20 | CVE-2023-38408 | Unquoted Search Path or Element vulnerability in multiple products The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. | 9.8 |
| 2023-06-27 | CVE-2023-3432 | Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9. | 10.0 |
| 2023-06-08 | CVE-2023-29402 | Code Injection vulnerability in multiple products The go command may generate unexpected code at build time when using cgo. | 9.8 |
| 2023-06-08 | CVE-2023-29404 | Code Injection vulnerability in multiple products The go command may execute arbitrary code at build time when using cgo. | 9.8 |
| 2023-06-08 | CVE-2023-29405 | Injection vulnerability in multiple products The go command may execute arbitrary code at build time when using cgo. | 9.8 |