Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 37 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-7677
This affects the package thenify prior to 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization.
Thenify Project Thenify
Debian Debian Linux 10.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9.8
CVSSv3
CVE-2022-22995
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code.
Westerndigital My Cloud Pr2100 Firmware
Westerndigital My Cloud Pr4100 Firmware
Westerndigital My Cloud Ex4100 Firmware
Westerndigital My Cloud Ex2 Ultra Firmware
Westerndigital My Cloud Mirror Gen 2 Firmware
Westerndigital My Cloud Dl2100 Firmware
Westerndigital My Cloud Dl4100 Firmware
Westerndigital My Cloud Ex2100 Firmware
Westerndigital My Cloud Firmware
Westerndigital Wd Cloud Firmware
Westerndigital My Cloud Home Firmware
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Netatalk Netatalk
9.8
CVSSv3
CVE-2021-35368
OWASP ModSecurity Core Rule Set 3.1.x prior to 3.1.2, 3.2.x prior to 3.2.1, and 3.3.x prior to 3.3.2 is affected by a Request Body Bypass via a trailing pathname.
Owasp Owasp Modsecurity Core Rule Set
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
9.6
CVSSv3
CVE-2023-6345
Integer overflow in Skia in Google Chrome before 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
Google Chrome
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Microsoft Edge Chromium
2 Articles
9.6
CVSSv3
CVE-2023-2136
Integer overflow in Skia in Google Chrome before 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
1 Github repository
1 Article
9.6
CVSSv3
CVE-2022-3075
Insufficient data validation in Mojo in Google Chrome before 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 37
1 Article
9.3
CVSSv3
CVE-2022-2010
Out of bounds read in compositing in Google Chrome before 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 37
9.1
CVSSv3
CVE-2023-40181
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the `zgfx_decompress_segment` function. In the context of `CopyMemory`, it's possib...
Freerdp Freerdp 3.0.0
Freerdp Freerdp
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2023-40188
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_LumaToYUV444` function. This Out-Of-Bounds Read occurs because processing is done on the `in` variable ...
Freerdp Freerdp 3.0.0
Freerdp Freerdp
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.1
CVSSv3
CVE-2023-39353
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the `libfreerdp/codec/rfx.c` file there is no offset validation in `tile->qua...
Freerdp Freerdp 3.0.0
Freerdp Freerdp
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »