High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-21	CVE-2024-1670	Use After Free vulnerability in multiple products Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2024-02-21	CVE-2024-1673	Use After Free vulnerability in multiple products Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via specific UI gestures. network low complexity google fedoraproject CWE-416	8.8
2024-02-21	CVE-2024-1674	Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google fedoraproject	8.8
2024-02-21	CVE-2024-1675	Insufficient policy enforcement in Download in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. network low complexity google fedoraproject	8.8
2024-02-19	CVE-2024-26134	Classic Buffer Overflow vulnerability in multiple products cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. network low complexity agronholm fedoraproject CWE-120	7.5
2024-02-19	CVE-2024-25978	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. network low complexity moodle fedoraproject CWE-770	7.5
2024-02-19	CVE-2024-25982	Cross-Site Request Forgery (CSRF) vulnerability in multiple products The link to update all installed language packs did not include the necessary token to prevent a CSRF risk. network low complexity moodle fedoraproject CWE-352	8.8
2024-02-19	CVE-2024-1580	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. network low complexity videolan apple fedoraproject CWE-190	8.8
2024-02-15	CVE-2024-1488	A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. local low complexity fedoraproject redhat	7.3
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5