Vulnerabilities > Fedoraproject > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-20 | CVE-2024-2631 | Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-02-29 | CVE-2024-24246 | Out-of-bounds Write vulnerability in multiple products Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h. | 5.5 |
2024-02-22 | CVE-2023-52160 | Improper Authentication vulnerability in multiple products The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. | 6.5 |
2024-02-12 | CVE-2023-52429 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. | 5.5 |
2024-02-11 | CVE-2024-1151 | Out-of-bounds Write vulnerability in multiple products A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. | 5.5 |
2024-02-08 | CVE-2024-1312 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. | 4.7 |
2024-02-06 | CVE-2024-0690 | Improper Encoding or Escaping of Output vulnerability in multiple products An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. | 5.5 |
2024-01-31 | CVE-2023-6780 | Incorrect Calculation of Buffer Size vulnerability in multiple products An integer overflow was found in the __vsyslog_internal function of the glibc library. | 5.3 |
2024-01-29 | CVE-2024-23829 | HTTP Request Smuggling vulnerability in multiple products aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 6.5 |
2024-01-29 | CVE-2023-40546 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in Shim when an error happened while creating a new ESL variable. | 5.5 |