Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 37 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-5487
Inappropriate implementation in Fullscreen in Google Chrome before 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.5
CVSSv3
CVE-2023-5344
Heap-based Buffer Overflow in GitHub repository vim/vim before 9.0.1969.
Vim Vim
Fedoraproject Fedora 37
Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-5686
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 before 5.9.0.
Radare Radare2
Fedoraproject Fedora 37
Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-43655
Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has `register_argc_argv` enabled in php.ini. Vers...
Getcomposer Composer
Fedoraproject Fedora 37
Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-5002
A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin before 7.6 failed to properly control the server code executed on this API, allow...
Pgadmin Pgadmin
Fedoraproject Fedora 37
Fedoraproject Fedora 38
4.9
CVSSv3
CVE-2023-45129
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Prior to version 1.94.0, a malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service. Homeservers running on a closed fede...
Matrix Synapse
Fedoraproject Fedora 37
Fedoraproject Fedora 38
4.3
CVSSv3
CVE-2023-39999
Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 up to and including 6.3.1, from 6.2 up to and including 6.2.2, from 6.1 up to and including 6.13, from 6.0 up to and including 6.0.5, from 5.9 up to and including 5.9.7, from 5.8 up to and including ...
Wordpress Wordpress
Fedoraproject Fedora 37
Fedoraproject Fedora 38
4.6
CVSSv3
CVE-2022-41877
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in `drive` channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been ad...
Freerdp Freerdp
Fedoraproject Fedora 36
Fedoraproject Fedora 37
4.3
CVSSv3
CVE-2023-42453
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This co...
Matrix Synapse
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5.9
CVSSv3
CVE-2023-32570
VideoLAN dav1d prior to 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.
Videolan Dav1d
Fedoraproject Fedora 37
Fedoraproject Fedora 38
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »