High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-19	CVE-2024-25978	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. network low complexity moodle fedoraproject CWE-770	7.5
2024-02-19	CVE-2024-25982	Cross-Site Request Forgery (CSRF) vulnerability in multiple products The link to update all installed language packs did not include the necessary token to prevent a CSRF risk. network low complexity moodle fedoraproject CWE-352	8.8
2024-02-19	CVE-2024-1580	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. network low complexity videolan apple fedoraproject CWE-190	8.8
2024-02-15	CVE-2024-1488	A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. local low complexity fedoraproject redhat	7.3
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5
2024-02-13	CVE-2024-24814	mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. network low complexity openidc debian fedoraproject	7.5
2024-02-09	CVE-2024-0229	An out-of-bounds memory access flaw was found in the X.Org server. local low complexity x-org fedoraproject redhat	7.8
2024-02-07	CVE-2024-20290	Out-of-bounds Read vulnerability in multiple products A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. network low complexity cisco fedoraproject CWE-125	7.5
2024-02-05	CVE-2024-22667	Out-of-bounds Write vulnerability in multiple products Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. local low complexity vim fedoraproject CWE-787	7.8
2024-01-31	CVE-2024-21626	Exposure of Resource to Wrong Sphere vulnerability in multiple products runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. local low complexity linuxfoundation fedoraproject CWE-668	8.6