fedoraproject fedora 38 vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-31047
In Django 3.2 prior to 3.2.19, 4.x prior to 4.1.9, and 4.2 prior to 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file wa...
Djangoproject Django 4.2
Djangoproject Django
Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2023-1529
Out of bounds memory access in WebHID in Google Chrome before 111.0.5563.110 allowed a remote malicious user to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2022-24439
All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes ex...
Gitpython Project Gitpython
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
2 Github repositories
9.8
CVSSv3
CVE-2022-22995
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting this combination of primitives, an attacker can execute arbitrary code.
Westerndigital My Cloud Pr2100 Firmware
Westerndigital My Cloud Pr4100 Firmware
Westerndigital My Cloud Ex4100 Firmware
Westerndigital My Cloud Ex2 Ultra Firmware
Westerndigital My Cloud Mirror Gen 2 Firmware
Westerndigital My Cloud Dl2100 Firmware
Westerndigital My Cloud Dl4100 Firmware
Westerndigital My Cloud Ex2100 Firmware
Westerndigital My Cloud Firmware
Westerndigital Wd Cloud Firmware
Westerndigital My Cloud Home Firmware
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Netatalk Netatalk
9.6
CVSSv3
CVE-2023-6345
Integer overflow in Skia in Google Chrome before 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
Google Chrome
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Microsoft Edge Chromium
2 Articles
9.6
CVSSv3
CVE-2023-2136
Integer overflow in Skia in Google Chrome before 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
1 Github repository
1 Article
9.1
CVSSv3
CVE-2023-40181
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the `zgfx_decompress_segment` function. In the context of `CopyMemory`, it's possib...
Freerdp Freerdp 3.0.0
Freerdp Freerdp
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2023-40188
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_LumaToYUV444` function. This Out-Of-Bounds Read occurs because processing is done on the `in` variable ...
Freerdp Freerdp 3.0.0
Freerdp Freerdp
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2023-39353
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the `libfreerdp/codec/rfx.c` file there is no offset validation in `tile->qua...
Freerdp Freerdp 3.0.0
Freerdp Freerdp
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2023-39356
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the v...
Freerdp Freerdp 3.0.0
Freerdp Freerdp
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39