Vulnerabilities > Fedoraproject > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-16 | CVE-2023-48234 | Integer Overflow or Wraparound vulnerability in multiple products Vim is an open source command line text editor. | 4.3 |
| 2023-11-16 | CVE-2023-48235 | Integer Overflow or Wraparound vulnerability in multiple products Vim is an open source command line text editor. | 4.3 |
| 2023-11-16 | CVE-2023-48236 | Integer Overflow or Wraparound vulnerability in multiple products Vim is an open source command line text editor. | 4.3 |
| 2023-11-16 | CVE-2023-48237 | Integer Overflow or Wraparound vulnerability in multiple products Vim is an open source command line text editor. | 4.3 |
| 2023-11-09 | CVE-2023-39198 | Use After Free vulnerability in multiple products A race condition was found in the QXL driver in the Linux kernel. | 6.4 |
| 2023-11-09 | CVE-2023-5542 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Students in "Only see own membership" groups could see other students in the group, which should be hidden. | 4.3 |
| 2023-11-09 | CVE-2023-5544 | Authorization Bypass Through User-Controlled Key vulnerability in multiple products Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. | 5.4 |
| 2023-11-09 | CVE-2023-5545 | Exposure of Resource to Wrong Sphere vulnerability in multiple products H5P metadata automatically populated the author with the user's username, which could be sensitive information. | 5.3 |
| 2023-11-09 | CVE-2023-5546 | Cross-site Scripting vulnerability in multiple products ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. | 5.4 |
| 2023-11-09 | CVE-2023-5547 | Cross-site Scripting vulnerability in multiple products The course upload preview contained an XSS risk for users uploading unsafe data. | 6.1 |