Vulnerabilities > Fedoraproject > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-22 | CVE-2023-38633 | Path Traversal vulnerability in multiple products A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element. | 5.5 |
| 2023-07-20 | CVE-2022-2127 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. | 5.9 |
| 2023-07-20 | CVE-2023-34967 | Type Confusion vulnerability in multiple products A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. | 5.3 |
| 2023-07-20 | CVE-2023-34968 | Information Exposure Through Sent Data vulnerability in multiple products A path disclosure vulnerability was found in Samba. | 5.3 |
| 2023-07-20 | CVE-2023-3347 | Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in multiple products A vulnerability was found in Samba's SMB2 packet signing mechanism. | 5.9 |
| 2023-07-18 | CVE-2023-0160 | Improper Locking vulnerability in multiple products A deadlock flaw was found in the Linux kernel’s BPF subsystem. | 5.5 |
| 2023-07-14 | CVE-2023-38252 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. | 5.5 |
| 2023-07-14 | CVE-2023-38253 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. | 5.5 |
| 2023-07-11 | CVE-2023-1672 | Race Condition vulnerability in multiple products A race condition exists in the Tang server functionality for key generation and key rotation. | 5.3 |
| 2023-07-10 | CVE-2023-26590 | Incorrect Comparison vulnerability in multiple products A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. | 5.5 |