Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5116 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28506 | 2 Fedoraproject, Giflib Project | 2 Fedora, Giflib | 2024-08-03 | 5.5 Medium |
| There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. | ||||
| CVE-2022-28389 | 4 Debian, Fedoraproject, Linux and 1 more | 19 Debian Linux, Fedora, Linux Kernel and 16 more | 2024-08-03 | 5.5 Medium |
| mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. | ||||
| CVE-2022-28390 | 5 Debian, Fedoraproject, Linux and 2 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2024-08-03 | 7.8 High |
| ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. | ||||
| CVE-2022-28487 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-08-03 | 7.5 High |
| Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. | ||||
| CVE-2022-28388 | 5 Debian, Fedoraproject, Linux and 2 more | 22 Debian Linux, Fedora, Linux Kernel and 19 more | 2024-08-03 | 5.5 Medium |
| usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. | ||||
| CVE-2022-28327 | 3 Fedoraproject, Golang, Redhat | 20 Extra Packages For Enterprise Linux, Fedora, Go and 17 more | 2024-08-03 | 7.5 High |
| The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. | ||||
| CVE-2022-28202 | 3 Debian, Fedoraproject, Mediawiki | 3 Debian Linux, Fedora, Mediawiki | 2024-08-03 | 6.1 Medium |
| An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete. | ||||
| CVE-2022-28131 | 4 Fedoraproject, Golang, Netapp and 1 more | 16 Fedora, Go, Cloud Insights Telegraf and 13 more | 2024-08-03 | 7.5 High |
| Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. | ||||
| CVE-2022-28129 | 3 Apache, Debian, Fedoraproject | 3 Traffic Server, Debian Linux, Fedora | 2024-08-03 | 7.5 High |
| Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | ||||
| CVE-2022-28041 | 3 Debian, Fedoraproject, Nothings | 3 Debian Linux, Fedora, Stb Image.h | 2024-08-03 | 6.5 Medium |
| stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | ||||
| CVE-2022-28042 | 3 Debian, Fedoraproject, Nothings | 3 Debian Linux, Fedora, Stb Image.h | 2024-08-03 | 8.8 High |
| stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode. | ||||
| CVE-2022-27941 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-08-03 | 7.8 High |
| tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | ||||
| CVE-2022-28048 | 2 Fedoraproject, Stb Project | 2 Fedora, Stb | 2024-08-03 | 8.8 High |
| STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac. | ||||
| CVE-2022-27942 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-08-03 | 7.8 High |
| tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. | ||||
| CVE-2022-27943 | 2 Fedoraproject, Gnu | 2 Fedora, Gcc | 2024-08-03 | 5.5 Medium |
| libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. | ||||
| CVE-2022-27940 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-08-03 | 7.8 High |
| tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | ||||
| CVE-2022-27939 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-08-03 | 5.5 Medium |
| tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | ||||
| CVE-2022-27920 | 2 Fedoraproject, Kiwix | 2 Fedora, Libkiwix | 2024-08-03 | 6.1 Medium |
| libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0. | ||||
| CVE-2022-27650 | 3 Crun Project, Fedoraproject, Redhat | 4 Crun, Fedora, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. | ||||
| CVE-2022-27776 | 7 Brocade, Debian, Fedoraproject and 4 more | 19 Fabric Operating System, Debian Linux, Fedora and 16 more | 2024-08-03 | 6.5 Medium |
| A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. | ||||