Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-16 CVE-2023-34474 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5
2023-06-16 CVE-2023-34475 Use After Free vulnerability in multiple products
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c.
local
low complexity
imagemagick fedoraproject CWE-416
5.5
5.5
2023-06-16 CVE-2023-3195 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5
2023-06-16 CVE-2023-2431 A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement.
local
low complexity
kubernetes fedoraproject
5.5
5.5
2023-06-12 CVE-2023-3161 Incorrect Calculation vulnerability in multiple products
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel.
local
low complexity
linux fedoraproject redhat CWE-682
5.5
5.5
2023-06-09 CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles.
network
low complexity
postgresql redhat fedoraproject
5.4
5.4
2023-06-09 CVE-2023-32732 gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies.
network
low complexity
grpc fedoraproject
5.3
5.3
2023-06-08 CVE-2023-34969 D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon.
network
low complexity
freedesktop fedoraproject debian
6.5
6.5
2023-06-06 CVE-2023-33460 Memory Leak vulnerability in multiple products
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function.
network
low complexity
yajl-project fedoraproject debian CWE-401
6.5
6.5
2023-05-30 CVE-2023-34151 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick. 		5.5
5.5