Vulnerabilities > Fedoraproject > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-08 | CVE-2023-29404 | Code Injection vulnerability in multiple products The go command may execute arbitrary code at build time when using cgo. | 9.8 |
2023-06-08 | CVE-2023-29405 | Injection vulnerability in multiple products The go command may execute arbitrary code at build time when using cgo. | 9.8 |
2023-05-30 | CVE-2023-34152 | OS Command Injection vulnerability in multiple products A vulnerability was found in ImageMagick. | 9.8 |
2023-05-07 | CVE-2023-31047 | Improper Input Validation vulnerability in multiple products In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. | 9.8 |
2023-04-19 | CVE-2023-2136 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2023-03-31 | CVE-2023-29141 | An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. | 9.8 |
2023-03-23 | CVE-2023-28333 | Code Injection vulnerability in multiple products The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS). | 9.8 |
2023-03-21 | CVE-2023-1529 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. | 9.8 |
2022-12-19 | CVE-2021-33640 | Use After Free vulnerability in multiple products After tar_close(), libtar.c releases the memory pointed to by pointer t. | 9.8 |
2022-12-15 | CVE-2022-46393 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. | 9.8 |