Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-11-09 | CVE-2023-5548 | Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 5.3 | ||
| 2023-11-09 | CVE-2023-5549 | Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 5.3 | ||
| 2023-11-09 | CVE-2023-5550 | In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 9.8 | ||
| 2023-11-09 | CVE-2023-5551 | Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 3.3 | ||
| 2023-11-09 | CVE-2023-5543 | When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 3.3 | ||
| 2023-11-11 | CVE-2023-46850 | Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer. | Debian_linux, Fedora, Openvpn, Openvpn_access_server | 9.8 | ||
| 2023-11-15 | CVE-2023-5997 | Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Fedora, Chrome | 8.8 | ||
| 2023-11-15 | CVE-2023-6112 | Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Fedora, Chrome | 8.8 | ||
| 2023-11-16 | CVE-2023-48231 | Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability. | Fedora, Vim | 4.3 | ||
| 2023-11-16 | CVE-2023-48232 | Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the 'cpo' setting includes the 'n' flag. Only users with non-default settings are affected and the exception should only result in a... | Fedora, Vim | 4.3 |