High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-14	CVE-2024-4761	Out-of-bounds Write vulnerability in multiple products Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. network low complexity google fedoraproject CWE-787	8.8
2024-05-01	CVE-2024-4058	Type Confusion vulnerability in multiple products Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-843	8.8
2024-05-01	CVE-2024-27018	In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. local low complexity linux fedoraproject	7.8
2024-05-01	CVE-2024-27021	Improper Locking vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: r8169: fix LED-related deadlock on module removal Binding devm_led_classdev_register() to the netdev is problematic because on module removal we get a RTNL-related deadlock. local low complexity linux fedoraproject CWE-667	7.8
2024-04-04	CVE-2024-27316	Allocation of Resources Without Limits or Throttling vulnerability in multiple products HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. network low complexity apache fedoraproject netapp CWE-770	7.5
2024-03-20	CVE-2024-2625	Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. network low complexity google fedoraproject	8.8
2024-03-20	CVE-2024-2627	Use After Free vulnerability in multiple products Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5
2024-02-13	CVE-2024-24814	mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. network low complexity openidc debian fedoraproject	7.5
2024-02-13	CVE-2023-4408	The DNS message parsing code in `named` includes a section whose computational complexity is overly high. network low complexity netapp fedoraproject isc	7.5