Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2024-27019
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in __n...
Linux Linux Kernel 6.9
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
7.8
CVSSv3
CVE-2024-27021
In the Linux kernel, the following vulnerability has been resolved: r8169: fix LED-related deadlock on module removal Binding devm_led_classdev_register() to the netdev is problematic because on module removal we get a RTNL-related deadlock. Fix this by avoiding the device-manage...
Linux Linux Kernel 6.9
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
5.9
CVSSv3
CVE-2024-31497
In PuTTY 0.68 up to and including 0.80 prior to 0.81, biased ECDSA nonce generation allows an malicious user to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to ...
Putty Putty
Filezilla-project Filezilla Client
Winscp Winscp
Tortoisegit Tortoisegit
Tigris Tortoisesvn
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
4 Github repositories
2 Articles
7.5
CVSSv3
CVE-2024-27316
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
Apache Http Server
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
Netapp Ontap 9
2 Github repositories
1 Article
8.8
CVSSv3
CVE-2024-2627
Use after free in Canvas in Google Chrome before 123.0.6312.58 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
8.8
CVSSv3
CVE-2024-2625
Object lifecycle issue in V8 in Google Chrome before 123.0.6312.58 allowed a remote malicious user to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
6.5
CVSSv3
CVE-2024-2626
Out of bounds read in Swiftshader in Google Chrome before 123.0.6312.58 allowed a remote malicious user to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
4.3
CVSSv3
CVE-2024-2628
Inappropriate implementation in Downloads in Google Chrome before 123.0.6312.58 allowed a remote malicious user to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
4.3
CVSSv3
CVE-2024-2629
Incorrect security UI in iOS in Google Chrome before 123.0.6312.58 allowed a remote malicious user to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
6.5
CVSSv3
CVE-2024-2630
Inappropriate implementation in iOS in Google Chrome before 123.0.6312.58 allowed a remote malicious user to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »