Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-19 CVE-2023-2135 Use After Free vulnerability in multiple products
Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page.
network
high complexity
google debian fedoraproject CWE-416
7.5
7.5
2023-04-19 CVE-2023-2137 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-17 CVE-2023-29197 Interpretation Conflict vulnerability in multiple products
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP.
network
low complexity
guzzlephp fedoraproject CWE-436
7.5
7.5
2023-04-15 CVE-2021-43612 Out-of-bounds Write vulnerability in multiple products
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
network
low complexity
lldpd-project fedoraproject CWE-787
7.5
7.5
2023-04-14 CVE-2023-2033 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject couchbase CWE-843
8.8
8.8
2023-04-12 CVE-2023-1992 Resource Exhaustion vulnerability in multiple products
RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-400
7.5
7.5
2023-04-04 CVE-2023-1810 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
8.8
2023-04-04 CVE-2023-1811 Use After Free vulnerability in multiple products
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
8.8
2023-04-04 CVE-2023-1812 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
8.8
2023-04-04 CVE-2023-1815 Use After Free vulnerability in multiple products
Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
8.8