High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-01	CVE-2023-1127	Divide By Zero vulnerability in multiple products Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. local low complexity vim fedoraproject CWE-369	7.8
2023-02-28	CVE-2023-27320	Double Free vulnerability in multiple products Sudo before 1.9.13p2 has a double free in the per-command chroot feature. network low complexity sudo-project fedoraproject CWE-415	7.2
2023-02-20	CVE-2023-26081	Exposure of Resource to Wrong Sphere vulnerability in multiple products In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. network low complexity gnome fedoraproject CWE-668	7.5
2023-02-17	CVE-2023-24329	Improper Input Validation vulnerability in multiple products An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. network low complexity python fedoraproject netapp CWE-20	7.5
2023-02-15	CVE-2023-0361	Information Exposure Through Discrepancy vulnerability in multiple products A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. network high complexity gnu redhat debian fedoraproject netapp CWE-203	7.4
2023-02-07	CVE-2022-46663	In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. network low complexity gnu fedoraproject	7.5
2023-02-04	CVE-2023-25193	Allocation of Resources Without Limits or Throttling vulnerability in multiple products hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. network low complexity harfbuzz-project fedoraproject CWE-770	7.5
2023-02-01	CVE-2022-4254	LDAP Injection vulnerability in multiple products sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters network low complexity fedoraproject redhat CWE-90	8.8
2023-01-20	CVE-2022-47021	NULL Pointer Dereference vulnerability in multiple products A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts. local low complexity xiph fedoraproject CWE-476	7.8
2023-01-18	CVE-2023-22809	Improper Privilege Management vulnerability in multiple products In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. local low complexity sudo-project debian fedoraproject apple CWE-269	7.8