Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedora vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2024-23829
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets, that must trigger error handling to robustly match frame boundaries of proxies in order to pr...
Aiohttp Aiohttp
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2023-40546
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by...
Redhat Shim
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2023-40549
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an malicious user to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
Redhat Shim
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2023-40550
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
Redhat Shim
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
5.1
CVSSv3
CVE-2023-40551
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
Redhat Shim
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
7.4
CVSSv3
CVE-2023-40548
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer ...
Redhat Shim
Redhat Shim 15.8
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-46838
Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts ...
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
8.8
CVSSv3
CVE-2024-0806
Use after free in Passwords in Google Chrome before 121.0.6167.85 allowed a remote malicious user to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
4.3
CVSSv3
CVE-2024-0809
Inappropriate implementation in Autofill in Google Chrome before 121.0.6167.85 allowed a remote malicious user to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2024-0804
Insufficient policy enforcement in iOS Security UI in Google Chrome before 121.0.6167.85 allowed a remote malicious user to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »