Vulnerabilities (CVE)

Filtered by vendor Fedoraproject Subscribe
Total 4932 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-5858 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-5857 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)
CVE-2023-5856 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5855 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
CVE-2023-5854 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
CVE-2023-5853 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5852 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
CVE-2023-5851 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5850 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)
CVE-2023-5849 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-5764 2 Fedoraproject, Redhat 7 Extra Packages For Enterprise Linux, Fedora, Ansible and 4 more 2024-11-21 N/A 7.1 HIGH
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.
CVE-2023-5686 2 Fedoraproject, Radare 2 Fedora, Radare2 2024-11-21 N/A 8.8 HIGH
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
CVE-2023-5551 2 Fedoraproject, Moodle 3 Extra Packages For Enterprise Linux, Fedora, Moodle 2024-11-21 N/A 3.3 LOW
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.
CVE-2023-5550 2 Fedoraproject, Moodle 3 Extra Packages For Enterprise Linux, Fedora, Moodle 2024-11-21 N/A 6.5 MEDIUM
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
CVE-2023-5549 2 Fedoraproject, Moodle 3 Extra Packages For Enterprise Linux, Fedora, Moodle 2024-11-21 N/A 3.3 LOW
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.
CVE-2023-5548 2 Fedoraproject, Moodle 3 Extra Packages For Enterprise Linux, Fedora, Moodle 2024-11-21 N/A 3.3 LOW
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.
CVE-2023-5547 3 Fedoraproject, Moodle, Redhat 3 Fedora, Moodle, Enterprise Linux 2024-11-21 N/A 3.3 LOW
The course upload preview contained an XSS risk for users uploading unsafe data.
CVE-2023-5546 3 Fedoraproject, Moodle, Redhat 3 Fedora, Moodle, Enterprise Linux 2024-11-21 N/A 4.3 MEDIUM
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
CVE-2023-5545 2 Fedoraproject, Moodle 3 Extra Packages For Enterprise Linux, Fedora, Moodle 2024-11-21 N/A 3.3 LOW
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
CVE-2023-5544 3 Fedoraproject, Moodle, Redhat 3 Fedora, Moodle, Enterprise Linux 2024-11-21 N/A 6.5 MEDIUM
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.