Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5115 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2946 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.0246. | ||||
| CVE-2022-2938 | 4 Fedoraproject, Linux, Netapp and 1 more | 15 Fedora, Linux Kernel, H300s and 12 more | 2024-08-03 | 7.8 High |
| A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. | ||||
| CVE-2022-2862 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.0221. | ||||
| CVE-2022-2854 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2850 | 4 Debian, Fedoraproject, Port389 and 1 more | 6 Debian Linux, Fedora, 389-ds-base and 3 more | 2024-08-03 | 6.5 Medium |
| A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514. | ||||
| CVE-2022-2889 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.0225. | ||||
| CVE-2022-2860 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 6.5 Medium |
| Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page. | ||||
| CVE-2022-2873 | 5 Debian, Fedoraproject, Linux and 2 more | 16 Debian Linux, Fedora, Linux Kernel and 13 more | 2024-08-03 | 5.5 Medium |
| An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | ||||
| CVE-2022-2867 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-08-03 | 5.5 Medium |
| libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. | ||||
| CVE-2022-2858 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. | ||||
| CVE-2022-2819 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-08-03 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. | ||||
| CVE-2022-2868 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-08-03 | 5.5 Medium |
| libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. | ||||
| CVE-2022-2869 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-08-03 | 5.5 Medium |
| libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. | ||||
| CVE-2022-2853 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-08-03 | 8.8 High |
| Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2852 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2857 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2817 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-08-03 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.0213. | ||||
| CVE-2022-2861 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 6.5 Medium |
| Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page. | ||||
| CVE-2022-2845 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-08-03 | 7.8 High |
| Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218. | ||||
| CVE-2022-2859 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. | ||||