Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 38 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5545
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
NA
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
Moodle Moodle
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
NA
CVE-2023-5547
The course upload preview contained an XSS risk for users uploading unsafe data.
Moodle Moodle
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-5548
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
NA
CVE-2023-5549
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
NA
CVE-2023-5551
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
NA
CVE-2023-5996
Use after free in WebAudio in Google Chrome before 119.0.6045.123 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-4535
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an malicious user to have physical access to the computer and a specially crafted USB device or smart card. This flaw all...
Opensc Project Opensc 0.23.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-47272
Roundcube 1.5.x prior to 1.5.6 and 1.6.x prior to 1.6.5 allows XSS via a Content-Type or Content-Disposition header (used for attachment preview or download).
Roundcube Webmail
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-44271
An issue exists in Pillow prior to 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance...
Python Pillow
Fedoraproject Fedora 38
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »