Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-04	CVE-2023-1823	Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google fedoraproject debian	6.5
2023-04-03	CVE-2023-26916	NULL Pointer Dereference vulnerability in multiple products libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c. network low complexity cesnet fedoraproject CWE-476	5.3
2023-04-03	CVE-2023-1611	Use After Free vulnerability in multiple products A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea local high complexity fedoraproject linux CWE-416	6.3
2023-03-31	CVE-2023-28755	A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. network low complexity ruby-lang debian fedoraproject	5.3
2023-03-31	CVE-2023-28756	A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. network low complexity ruby-lang debian fedoraproject	5.3
2023-03-30	CVE-2023-27535	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. network high complexity haxx fedoraproject debian netapp splunk CWE-287	5.9
2023-03-30	CVE-2023-27536	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. network high complexity haxx fedoraproject debian netapp splunk CWE-287	5.9
2023-03-30	CVE-2023-27538	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. local low complexity haxx fedoraproject debian netapp broadcom splunk CWE-287	5.5
2023-03-30	CVE-2023-26116	Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. network low complexity angularjs fedoraproject	5.3
2023-03-30	CVE-2023-26117	Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. network low complexity angularjs fedoraproject	5.3