High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-15	CVE-2023-4357	Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. network low complexity google debian fedoraproject	8.8
2023-08-15	CVE-2023-4358	Use After Free vulnerability in multiple products Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject CWE-416	8.8
2023-08-15	CVE-2023-4366	Use After Free vulnerability in multiple products Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject CWE-416	8.8
2023-08-15	CVE-2023-32004	Path Traversal vulnerability in multiple products A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. network low complexity nodejs fedoraproject CWE-22	8.8
2023-08-15	CVE-2023-32006	The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. network low complexity nodejs fedoraproject	8.8
2023-08-11	CVE-2023-3823	XXE vulnerability in multiple products In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. network low complexity php fedoraproject debian CWE-611	7.5
2023-08-11	CVE-2022-38076	Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel fedoraproject debian	7.8
2023-08-10	CVE-2023-4128	Use After Free vulnerability in multiple products A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. local low complexity linux redhat fedoraproject CWE-416	7.8
2023-08-08	CVE-2023-38180	.NET and Visual Studio Denial of Service Vulnerability network low complexity microsoft fedoraproject	7.5
2023-08-07	CVE-2023-4147	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. local low complexity linux fedoraproject redhat debian CWE-416	7.8