Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-13 CVE-2023-3255 Infinite Loop vulnerability in multiple products
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages.
network
low complexity
qemu redhat fedoraproject CWE-835
6.5
2023-09-13 CVE-2023-4155 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel.
local
high complexity
linux redhat fedoraproject CWE-367
5.6
2023-09-12 CVE-2023-4813 Use After Free vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject CWE-416
5.9
2023-08-22 CVE-2020-27418 Use After Free vulnerability in Fedoraproject Fedora Linux Kernel 5.9.0
A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function.
local
low complexity
fedoraproject CWE-416
4.4
2023-08-15 CVE-2023-4350 Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google debian fedoraproject
6.5
2023-08-15 CVE-2023-4359 Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject
5.3
2023-08-15 CVE-2023-4360 Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject
4.3
2023-08-15 CVE-2023-4361 Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page.
network
low complexity
google debian fedoraproject
5.3
2023-08-15 CVE-2023-4363 Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page.
network
low complexity
google debian fedoraproject
4.3
2023-08-15 CVE-2023-4364 Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject
4.3