Vulnerabilities > Fedoraproject > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-26 | CVE-2023-28321 | Improper Certificate Validation vulnerability in multiple products An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. | 5.9 |
| 2023-05-26 | CVE-2023-1667 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. | 6.5 |
| 2023-05-26 | CVE-2023-1981 | Resource Exhaustion vulnerability in multiple products A vulnerability was found in the avahi library. | 5.5 |
| 2023-05-26 | CVE-2023-2283 | Improper Authentication vulnerability in multiple products A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. | 6.5 |
| 2023-05-26 | CVE-2023-32681 | Requests is a HTTP library. | 6.1 |
| 2023-05-25 | CVE-2023-31130 | Out-of-bounds Write vulnerability in multiple products c-ares is an asynchronous resolver library. | 6.4 |
| 2023-05-25 | CVE-2023-31147 | c-ares is an asynchronous resolver library. | 6.5 |
| 2023-05-17 | CVE-2023-2731 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. | 5.5 |
| 2023-05-15 | CVE-2023-1729 | Out-of-bounds Write vulnerability in multiple products A flaw was found in LibRaw. | 6.5 |
| 2023-05-15 | CVE-2023-2700 | Memory Leak vulnerability in multiple products A vulnerability was found in libvirt. | 5.5 |