Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-45150
A reflected cross-site scripting vulnerability exists in Moodle. This flaw exists due to insufficient sanitization of user-supplied data in policy tool. An attacker can trick the victim to open a specially crafted link that executes an arbitrary HTML and script code in user'...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.4
CVSSv3
CVE-2022-45151
The stored-XSS vulnerability exists in Moodle which exists due to insufficient sanitization of user-supplied data in several "social" user profile fields. An attacker could inject and execute arbitrary HTML and script code in user's browser in context of vulnerable...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.9
CVSSv3
CVE-2015-3420
The ssl-proxy-openssl.c function in Dovecot prior to 2.2.17, when SSLv3 is disabled, allow remote malicious users to cause a denial of service (login process crash) via vectors related to handshake failures.
Dovecot Dovecot
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 22
5.5
CVSSv3
CVE-2022-30674
Adobe InDesign versions 16.4.2 (and previous versions) and 17.3 (and previous versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploit...
Adobe Indesign
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
8.1
CVSSv3
CVE-2023-4427
Out of bounds memory access in V8 in Google Chrome before 116.0.5845.110 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
8.8
CVSSv3
CVE-2021-30569
Use after free in sqlite in Google Chrome before 92.0.4515.107 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
9.6
CVSSv3
CVE-2021-30571
Insufficient policy enforcement in DevTools in Google Chrome before 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
8.8
CVSSv3
CVE-2021-30576
Use after free in DevTools in Google Chrome before 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.8
CVSSv3
CVE-2021-30577
Insufficient policy enforcement in Installer in Google Chrome before 92.0.4515.107 allowed a remote malicious user to perform local privilege escalation via a crafted file.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
8.8
CVSSv3
CVE-2021-30579
Use after free in UI framework in Google Chrome before 92.0.4515.107 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »