Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

fedoraproject fedora 36 vulnerabilities and exploits

(subscribe to this query)
6.1
CVSSv3
CVE-2021-23414
This affects the package video.js prior to 7.14.3. The src attribute of track tag allows to bypass HTML escaping and execute arbitrary code.
Videojs Video.jsFedoraproject Fedora 35Fedoraproject Fedora 36Fedoraproject Fedora 37
6.1
CVSSv3
CVE-2022-3123
Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki before 2022-07-31a.
Dokuwiki DokuwikiFedoraproject Fedora 35Fedoraproject Fedora 36Fedoraproject Fedora 37
6.1
CVSSv3
CVE-2023-28447
Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to s...
Smarty SmartyFedoraproject Fedora 36Fedoraproject Fedora 37Fedoraproject Fedora 38
7.5
CVSSv3
CVE-2022-3559
A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a pa...
Exim Exim -Fedoraproject Fedora 35Fedoraproject Fedora 36Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2022-3278
NULL Pointer Dereference in GitHub repository vim/vim before 9.0.0552.
Vim VimFedoraproject Fedora 35Fedoraproject Fedora 36Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2022-30674
Adobe InDesign versions 16.4.2 (and previous versions) and 17.3 (and previous versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploit...
Adobe IndesignFedoraproject Fedora 35Fedoraproject Fedora 36Fedoraproject Fedora 37
8.8
CVSSv3
CVE-2023-1528
Use after free in Passwords in Google Chrome before 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google ChromeFedoraproject Fedora 36Fedoraproject Fedora 37Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2023-1529
Out of bounds memory access in WebHID in Google Chrome before 111.0.5563.110 allowed a remote malicious user to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)
Google ChromeFedoraproject Fedora 36Fedoraproject Fedora 37Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-1530
Use after free in PDF in Google Chrome before 111.0.5563.110 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google ChromeFedoraproject Fedora 36Fedoraproject Fedora 37Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-1532
Out of bounds read in GPU Video in Google Chrome before 111.0.5563.110 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google ChromeFedoraproject Fedora 36Fedoraproject Fedora 37Fedoraproject Fedora 38
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook