Vulnerabilities (CVE)

Filtered by vendor Fedoraproject Subscribe
Filtered by product Fedora
Total 5302 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4905 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4904 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium)
CVE-2023-4903 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4902 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4901 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4900 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4752 4 Apple, Debian, Fedoraproject and 1 more 4 Macos, Debian Linux, Fedora and 1 more 2024-11-21 N/A 7.8 HIGH
Use After Free in GitHub repository vim/vim prior to 9.0.1858.
CVE-2023-4750 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2024-11-21 N/A 7.8 HIGH
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
CVE-2023-4733 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2024-11-21 N/A 7.8 HIGH
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
CVE-2023-4572 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4535 3 Fedoraproject, Opensc Project, Redhat 3 Fedora, Opensc, Enterprise Linux 2024-11-21 N/A 4.5 MEDIUM
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.
CVE-2023-4431 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.1 HIGH
Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4430 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4429 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4427 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.1 HIGH
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4367 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 6.5 MEDIUM
Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4366 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4365 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4364 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4363 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium)