Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora - vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-6780
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size t...
Gnu Glibc
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.8
CVSSv3
CVE-2023-6246
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program ...
Gnu Glibc
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
1 Article
8.8
CVSSv3
CVE-2024-1059
Use after free in Peer Connection in Google Chrome before 121.0.6167.139 allowed a remote malicious user to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
8.8
CVSSv3
CVE-2024-1060
Use after free in Canvas in Google Chrome before 121.0.6167.139 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
8.8
CVSSv3
CVE-2024-1077
Use after free in Network in Google Chrome before 121.0.6167.139 allowed a remote malicious user to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2024-23334
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determi...
Aiohttp Aiohttp
Fedoraproject Fedora 39
6 Github repositories
1 Article
6.5
CVSSv3
CVE-2024-23829
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets, that must trigger error handling to robustly match frame boundaries of proxies in order to pr...
Aiohttp Aiohttp
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2023-40546
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by...
Redhat Shim
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2023-40549
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an malicious user to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
Redhat Shim
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2023-40550
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
Redhat Shim
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »