Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-2269 Improper Locking vulnerability in multiple products
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
local
low complexity
linux fedoraproject debian netapp CWE-667
4.4
4.4
2023-04-24 CVE-2023-29530 Laminas Diactoros provides PSR HTTP Message implementations.
network
low complexity
guzzlephp getlaminas fedoraproject
6.5
6.5
2023-04-24 CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2.
local
low complexity
linux fedoraproject debian netapp
5.5
5.5
2023-04-20 CVE-2023-2194 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver.
local
low complexity
linux fedoraproject redhat CWE-787
6.7
6.7
2023-04-18 CVE-2023-28856 Reachable Assertion vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
network
low complexity
redis debian fedoraproject CWE-617
6.5
6.5
2023-04-12 CVE-2023-1906 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5
2023-04-12 CVE-2023-1994 Resource Exhaustion vulnerability in multiple products
GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-400
6.5
6.5
2023-04-12 CVE-2023-1993 Excessive Iteration vulnerability in multiple products
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-834
6.5
6.5
2023-04-12 CVE-2023-0004 A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software.
network
low complexity
paloaltonetworks fedoraproject
6.5
6.5
2023-04-04 CVE-2023-1813 Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
6.5
6.5