Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv3
CVE-2023-40551
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
Redhat Shim
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
7.4
CVSSv3
CVE-2023-40548
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer ...
Redhat Shim
Redhat Shim 15.8
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-46838
Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts ...
Linux Linux Kernel
Fedoraproject Fedora 38
Fedoraproject Fedora 39
8.8
CVSSv3
CVE-2024-0806
Use after free in Passwords in Google Chrome before 121.0.6167.85 allowed a remote malicious user to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
4.3
CVSSv3
CVE-2024-0809
Inappropriate implementation in Autofill in Google Chrome before 121.0.6167.85 allowed a remote malicious user to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2024-0804
Insufficient policy enforcement in iOS Security UI in Google Chrome before 121.0.6167.85 allowed a remote malicious user to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
4.3
CVSSv3
CVE-2024-0805
Inappropriate implementation in Downloads in Google Chrome before 121.0.6167.85 allowed a remote malicious user to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
8.8
CVSSv3
CVE-2024-0807
Use after free in Web Audio in Google Chrome before 121.0.6167.85 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
9.8
CVSSv3
CVE-2024-0808
Integer underflow in WebUI in Google Chrome before 121.0.6167.85 allowed a remote malicious user to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
4.3
CVSSv3
CVE-2024-0811
Inappropriate implementation in Extensions API in Google Chrome before 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »