High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-20	CVE-2023-3341	Out-of-bounds Write vulnerability in multiple products The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. network low complexity isc fedoraproject debian CWE-787	7.5
2023-09-20	CVE-2023-4236	Reachable Assertion vulnerability in multiple products A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. network low complexity isc fedoraproject debian netapp CWE-617	7.5
2023-09-18	CVE-2023-43115	In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. network low complexity artifex fedoraproject	8.8
2023-09-15	CVE-2023-38039	Allocation of Resources Without Limits or Throttling vulnerability in multiple products When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. network low complexity haxx fedoraproject microsoft CWE-770	7.5
2023-09-12	CVE-2023-4863	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. network low complexity google fedoraproject debian mozilla microsoft webmproject netapp bentley CWE-787	8.8
2023-09-09	CVE-2023-41915	Race Condition vulnerability in multiple products OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. network high complexity openpmix fedoraproject debian CWE-362	8.1
2023-09-05	CVE-2023-39357	SQL Injection vulnerability in multiple products Cacti is an open source operational monitoring and fault management framework. network low complexity cacti fedoraproject CWE-89	8.8
2023-09-05	CVE-2023-39358	SQL Injection vulnerability in multiple products Cacti is an open source operational monitoring and fault management framework. network low complexity cacti fedoraproject CWE-89	8.8
2023-09-05	CVE-2023-39362	OS Command Injection vulnerability in multiple products Cacti is an open source operational monitoring and fault management framework. network low complexity cacti fedoraproject CWE-78	7.2
2023-09-05	CVE-2023-4761	Out-of-bounds Read vulnerability in multiple products Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian fedoraproject CWE-125	8.1