High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-21	CVE-2024-1675	Insufficient policy enforcement in Download in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. network low complexity google fedoraproject	8.8
2024-02-19	CVE-2024-26134	Classic Buffer Overflow vulnerability in multiple products cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. network low complexity agronholm fedoraproject CWE-120	7.5
2024-02-19	CVE-2024-25978	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. network low complexity moodle fedoraproject CWE-770	7.5
2024-02-19	CVE-2024-25982	Cross-Site Request Forgery (CSRF) vulnerability in multiple products The link to update all installed language packs did not include the necessary token to prevent a CSRF risk. network low complexity moodle fedoraproject CWE-352	8.8
2024-02-19	CVE-2024-1580	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. network low complexity videolan apple fedoraproject CWE-190	8.8
2024-02-15	CVE-2024-1488	A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. local low complexity fedoraproject redhat	7.3
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5
2024-02-13	CVE-2024-24814	mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. network low complexity openidc debian fedoraproject	7.5
2024-02-09	CVE-2024-0229	An out-of-bounds memory access flaw was found in the X.Org server. local low complexity x-org fedoraproject redhat	7.8
2024-02-07	CVE-2024-20290	Out-of-bounds Read vulnerability in multiple products A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. network low complexity cisco fedoraproject CWE-125	7.5