Fedoraproject Fedora vulnerabilities

CVE-2023-5852 [HIGH] CWE-416 CVE-2023-5852: Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who co Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

CVE-2023-5854 [HIGH] CWE-416 CVE-2023-5854: Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who co Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

CVE-2023-5858 [MEDIUM] CWE-346 CVE-2023-5858: Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a r Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

CVE-2023-5853 [MEDIUM] CWE-346 CVE-2023-5853: Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacke Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-5850 [MEDIUM] CVE-2023-5850: Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacke Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

CVE-2023-5859 [MEDIUM] CWE-346 CVE-2023-5859: Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remot Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

CVE-2023-5851 [MEDIUM] CWE-346 CVE-2023-5851: Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-5480 [MEDIUM] CWE-79 CVE-2023-5480: Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote a Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)

CVE-2023-43796 [MEDIUM] CWE-200 CVE-2023-43796: Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device in Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. System administrators are encouraged to upgrade to Synapse 1.95.1 or 1.96.0rc1 to receive a patch. As a workaround, the `feder

CVE-2023-5349 [LOW] CWE-401 CVE-2023-5349: A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue c A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.

CVE-2023-34058 [HIGH] CWE-347 CVE-2023-34058: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been g VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been a

CVE-2023-5472 [HIGH] CWE-416 CVE-2023-5472: Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to pot Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-42852 [HIGH] CVE-2023-42852: A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, w A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.

CVE-2023-5367 [HIGH] CWE-787 CVE-2023-5367: A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect c A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.

CVE-2023-41983 [MEDIUM] CWE-119 CVE-2023-41983: The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Saf The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.

CVE-2023-5380 [MEDIUM] CWE-416 CVE-2023-5380: A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specif A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed follo

CVE-2023-31122 [HIGH] CWE-125 CVE-2023-31122: Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP S Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.

CVE-2023-45802 [MEDIUM] CVE-2023-45802: When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's m When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close

CVE-2023-5686 [HIGH] CWE-122 CVE-2023-5686: Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

CVE-2023-39332 [CRITICAL] CVE-2023-39332: Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In Nod Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In Node.js environments, the `Buffer` class extends the `Uint8Array` class. Node.js prevents path traversal through strings (see CVE-2023-30584) and `Buffer` objects (see CVE-2023-32004), but not through non-`Buffer` `Uint8Array` objects. This is distinct from C