Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-02-28 | CVE-2022-41727 | An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service. | Fedora, Image, Tiff | 5.5 | ||
2023-02-28 | CVE-2023-27320 | Sudo before 1.9.13p2 has a double free in the per-command chroot feature. | Fedora, Sudo | 7.2 | ||
2023-03-01 | CVE-2023-1127 | Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. | Fedora, Vim | 7.8 | ||
2023-03-02 | CVE-2023-25358 | A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. | Fedora, Webkitgtk | 8.8 | ||
2023-03-07 | CVE-2023-1264 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. | Fedora, Vim | 5.5 | ||
2023-03-24 | CVE-2023-28686 | Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive information. | Debian_linux, Dino, Fedora | 7.1 | ||
2023-03-23 | CVE-2023-1513 | A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. | Fedora, Linux_kernel, Enterprise_linux | 3.3 | ||
2023-03-27 | CVE-2021-3923 | A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. | Fedora, Linux_kernel, Enterprise_linux | 2.3 | ||
2023-03-29 | CVE-2023-0664 | A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. | Fedora, Qemu, Enterprise_linux | 7.8 | ||
2023-03-30 | CVE-2023-26116 | Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking. | Angular, Fedora | 5.3 |