Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-15 CVE-2023-5997 Use After Free vulnerability in multiple products
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
8.8
2023-11-15 CVE-2023-6112 Use After Free vulnerability in multiple products
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8
2023-11-14 CVE-2023-5528 A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes.
network
low complexity
kubernetes fedoraproject
8.8
8.8
2023-11-11 CVE-2023-46849 Divide By Zero vulnerability in multiple products
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
network
low complexity
openvpn debian fedoraproject CWE-369
7.5
7.5
2023-11-09 CVE-2023-5539 Code Injection vulnerability in multiple products
A remote code execution risk was identified in the Lesson activity.
network
low complexity
moodle fedoraproject CWE-94
8.8
8.8
2023-11-09 CVE-2023-5540 Code Injection vulnerability in multiple products
A remote code execution risk was identified in the IMSCP activity.
network
low complexity
moodle fedoraproject CWE-94
8.8
8.8
2023-11-08 CVE-2023-5996 Use After Free vulnerability in multiple products
Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8
2023-11-03 CVE-2023-1194 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel.
network
low complexity
linux fedoraproject CWE-125
8.1
8.1
2023-11-03 CVE-2023-41164 Improper Validation of Specified Quantity in Input vulnerability in multiple products
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
network
low complexity
djangoproject fedoraproject CWE-1284
7.5
7.5
2023-11-03 CVE-2023-41914 Race Condition vulnerability in multiple products
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.
local
high complexity
schedmd fedoraproject CWE-362
7.0
7.0