Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 36 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-45149
A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's CSRF token was unnecessarily included in the URL when being redirected to a course they have just restored. A remote attacker can trick...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
383
VMScore
CVE-2021-23414
This affects the package video.js prior to 7.14.3. The src attribute of track tag allows to bypass HTML escaping and execute arbitrary code.
Videojs Video.js
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
605
VMScore
CVE-2022-26126
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.
Frrouting Frrouting
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2023-1528
Use after free in Passwords in Google Chrome before 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2023-1529
Out of bounds memory access in WebHID in Google Chrome before 111.0.5563.110 allowed a remote malicious user to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2023-1534
Out of bounds read in ANGLE in Google Chrome before 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
570
VMScore
CVE-2022-1053
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an malicious user to use one AK, EK pair from a real TPM to pass EK validation a...
Keylime Keylime
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-3037
Use After Free in GitHub repository vim/vim before 9.0.0322.
Vim Vim
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-45151
The stored-XSS vulnerability exists in Moodle which exists due to insufficient sanitization of user-supplied data in several "social" user profile fields. An attacker could inject and execute arbitrary HTML and script code in user's browser in context of vulnerable...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-30674
Adobe InDesign versions 16.4.2 (and previous versions) and 17.3 (and previous versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploit...
Adobe Indesign
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »