Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-01	CVE-2023-5853	Origin Validation Error vulnerability in multiple products Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. network low complexity google debian fedoraproject CWE-346	4.3
2023-11-01	CVE-2023-5858	Origin Validation Error vulnerability in multiple products Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. network low complexity google debian fedoraproject CWE-346	4.3
2023-11-01	CVE-2023-5859	Origin Validation Error vulnerability in multiple products Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. network low complexity google debian fedoraproject CWE-346	4.3
2023-10-31	CVE-2023-43796	Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. network low complexity matrix fedoraproject	5.3
2023-10-25	CVE-2023-5380	Use After Free vulnerability in multiple products A use-after-free flaw was found in the xorg-x11-server. local high complexity x-org redhat fedoraproject debian CWE-416	4.7
2023-10-25	CVE-2023-41983	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The issue was addressed with improved memory handling. network low complexity apple fedoraproject debian CWE-119	6.5
2023-10-23	CVE-2023-45802	Improper Resource Shutdown or Release vulnerability in multiple products When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. network high complexity apache fedoraproject debian CWE-404	5.9
2023-10-18	CVE-2023-5631	Cross-site Scripting vulnerability in multiple products Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. network low complexity roundcube debian fedoraproject CWE-79	5.4
2023-10-17	CVE-2023-22084	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). network low complexity oracle netapp fedoraproject mariadb	4.9
2023-10-17	CVE-2023-45803	urllib3 is a user-friendly HTTP client library for Python. high complexity python fedoraproject	4.2