Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-13 CVE-2023-3214 Use After Free vulnerability in multiple products
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8
2023-06-13 CVE-2023-3215 Use After Free vulnerability in multiple products
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8
2023-06-13 CVE-2023-3216 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-843
8.8
8.8
2023-06-13 CVE-2023-3217 Use After Free vulnerability in multiple products
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8
2023-06-09 CVE-2023-2454 schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
network
low complexity
postgresql redhat fedoraproject
7.2
7.2
2023-06-08 CVE-2023-29403 Exposure of Resource to Wrong Sphere vulnerability in multiple products
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits.
local
low complexity
golang fedoraproject CWE-668
7.8
7.8
2023-06-06 CVE-2023-2603 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in libcap. 		7.8
7.8
2023-06-05 CVE-2023-3079 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian couchbase CWE-843
8.8
8.8
2023-05-30 CVE-2023-34153 Command Injection vulnerability in multiple products
A vulnerability was found in ImageMagick.
local
low complexity
imagemagick fedoraproject redhat CWE-77
7.8
7.8
2023-05-26 CVE-2023-22970 Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file.
local
low complexity
usebottles fedoraproject
7.8
7.8