Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-30	CVE-2023-27536	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. network high complexity haxx fedoraproject debian netapp splunk CWE-287	5.9
2023-03-30	CVE-2023-27538	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. local low complexity haxx fedoraproject debian netapp broadcom splunk CWE-287	5.5
2023-03-30	CVE-2023-26116	Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. network low complexity angularjs fedoraproject	5.3
2023-03-30	CVE-2023-26117	Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. network low complexity angularjs fedoraproject	5.3
2023-03-30	CVE-2023-26118	Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. network low complexity angularjs fedoraproject	5.3
2023-03-28	CVE-2023-28447	Cross-site Scripting vulnerability in multiple products Smarty is a template engine for PHP. network low complexity smarty fedoraproject CWE-79	6.1
2023-03-27	CVE-2023-1073	Out-of-bounds Write vulnerability in multiple products A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. low complexity linux redhat fedoraproject CWE-787	6.6
2023-03-23	CVE-2023-0056	Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. network low complexity haproxy redhat fedoraproject CWE-400	6.5
2023-03-23	CVE-2023-28336	Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access. network low complexity moodle fedoraproject CWE-668	4.3
2023-03-23	CVE-2023-1289	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. local low complexity imagemagick fedoraproject redhat CWE-20	5.5