Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-04 CVE-2024-0223 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2024-01-04 CVE-2024-0224 Use After Free vulnerability in multiple products
Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-01-04 CVE-2024-0225 Use After Free vulnerability in multiple products
Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2023-12-29 CVE-2023-7104 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical.
network
low complexity
sqlite fedoraproject CWE-119
7.3
7.3
2023-12-24 CVE-2023-7101 Code Injection vulnerability in multiple products
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files.
local
low complexity
jmcnamara debian fedoraproject CWE-94
7.8
7.8
2023-12-24 CVE-2023-51767 OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit.
local
high complexity
openbsd fedoraproject redhat
7.0
7.0
2023-12-21 CVE-2023-7024 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-12-21 CVE-2023-6546 Race Condition vulnerability in multiple products
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel.
local
high complexity
linux fedoraproject redhat CWE-362
7.0
7.0
2023-12-14 CVE-2023-6702 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject microsoft CWE-843
8.8
8.8
2023-12-12 CVE-2023-5764 A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data.
local
low complexity
redhat fedoraproject
7.8
7.8