Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-09 CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles.
network
low complexity
postgresql redhat fedoraproject
5.4
5.4
2023-06-09 CVE-2023-32732 gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies.
network
low complexity
grpc fedoraproject
5.3
5.3
2023-06-08 CVE-2023-34969 D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon.
network
low complexity
freedesktop fedoraproject debian
6.5
6.5
2023-06-06 CVE-2023-33460 Memory Leak vulnerability in multiple products
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function.
network
low complexity
yajl-project fedoraproject debian CWE-401
6.5
6.5
2023-06-05 CVE-2023-34410 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2.
network
low complexity
debian fedoraproject qt CWE-295
5.3
5.3
2023-05-30 CVE-2023-34151 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick. 		5.5
5.5
2023-05-26 CVE-2023-28321 Improper Certificate Validation vulnerability in multiple products
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates.
network
high complexity
haxx debian fedoraproject netapp apple CWE-295
5.9
5.9
2023-05-26 CVE-2023-1667 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference was found In libssh during re-keying with algorithm guessing.
network
low complexity
libssh fedoraproject debian redhat CWE-476
6.5
6.5
2023-05-26 CVE-2023-1981 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in the avahi library.
local
low complexity
avahi fedoraproject redhat CWE-400
5.5
5.5
2023-05-26 CVE-2023-2283 Improper Authentication vulnerability in multiple products
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems.
network
low complexity
libssh fedoraproject redhat CWE-287
6.5
6.5