Vulnerabilities > Fedoraproject > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-02 | CVE-2023-5344 | Heap-based Buffer Overflow vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. | 7.5 |
| 2023-09-30 | CVE-2023-44488 | Improper Handling of Exceptional Conditions vulnerability in multiple products VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. | 7.5 |
| 2023-09-29 | CVE-2023-43655 | Injection vulnerability in multiple products Composer is a dependency manager for PHP. | 8.8 |
| 2023-09-28 | CVE-2023-5186 | Use After Free vulnerability in multiple products Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. | 8.8 |
| 2023-09-28 | CVE-2023-5187 | Use After Free vulnerability in multiple products Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-09-27 | CVE-2023-41074 | The issue was addressed with improved checks. | 8.8 |
| 2023-09-27 | CVE-2023-5157 | A vulnerability was found in MariaDB. | 7.5 |
| 2023-09-27 | CVE-2023-35074 | The issue was addressed with improved memory handling. | 8.8 |
| 2023-09-25 | CVE-2022-4318 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products A vulnerability was found in cri-o. | 7.8 |