Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2023-3180 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req.
local
low complexity
qemu fedoraproject debian CWE-787
6.5
6.5
2023-08-03 CVE-2023-4132 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel.
local
low complexity
linux redhat fedoraproject debian CWE-416
5.5
5.5
2023-08-03 CVE-2023-4133 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel.
local
low complexity
linux redhat fedoraproject CWE-416
5.5
5.5
2023-08-02 CVE-2023-29407 Excessive Iteration vulnerability in multiple products
A maliciously-crafted image can cause excessive CPU consumption in decoding.
network
low complexity
golang fedoraproject CWE-834
6.5
6.5
2023-08-02 CVE-2023-29408 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The TIFF decoder does not place a limit on the size of compressed tile data.
network
low complexity
golang fedoraproject CWE-770
6.5
6.5
2023-08-01 CVE-2023-38559 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript.
local
low complexity
artifex redhat fedoraproject debian CWE-120
5.5
5.5
2023-07-29 CVE-2022-4917 Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
4.3
2023-07-29 CVE-2022-4926 Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
6.5
2023-07-25 CVE-2023-3772 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem).
local
low complexity
redhat fedoraproject linux debian CWE-476
4.4
4.4
2023-07-25 CVE-2023-3773 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem).
local
low complexity
redhat fedoraproject linux debian CWE-125
4.4
4.4