High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-04-04	CVE-2024-27316	HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. network low complexity apache fedoraproject netapp	7.5
2024-03-26	CVE-2024-2883	Use After Free vulnerability in multiple products Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2024-03-26	CVE-2024-2885	Use After Free vulnerability in multiple products Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2024-03-26	CVE-2024-2886	Use After Free vulnerability in multiple products Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. network high complexity google fedoraproject CWE-416	7.5
2024-03-26	CVE-2024-2887	Type Confusion vulnerability in multiple products Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. local high complexity google fedoraproject CWE-843	7.7
2024-03-20	CVE-2024-2625	Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. network low complexity google fedoraproject	8.8
2024-03-20	CVE-2024-2627	Use After Free vulnerability in multiple products Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2024-03-13	CVE-2024-2400	Use After Free vulnerability in multiple products Use after free in Performance Manager in Google Chrome prior to 122.0.6261.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2024-03-10	CVE-2024-28757	XML Entity Expansion vulnerability in multiple products libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). network low complexity libexpat-project fedoraproject netapp CWE-776	7.5
2024-03-07	CVE-2024-1931	Infinite Loop vulnerability in multiple products NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. network low complexity nlnetlabs fedoraproject CWE-835	7.5