Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5115 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2165 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 4.3 Medium |
| Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | ||||
| CVE-2022-2156 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2161 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | ||||
| CVE-2022-2153 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-08-03 | 5.5 Medium |
| A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. | ||||
| CVE-2022-2057 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-08-03 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2125 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-08-03 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2129 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-08-03 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2124 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2126 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2056 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-08-03 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2132 | 4 Debian, Dpdk, Fedoraproject and 1 more | 15 Debian Linux, Data Plane Development Kit, Fedora and 12 more | 2024-08-03 | 8.6 High |
| A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. | ||||
| CVE-2022-2085 | 2 Artifex, Fedoraproject | 2 Ghostscript, Fedora | 2024-08-03 | 5.5 Medium |
| A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash. | ||||
| CVE-2022-2058 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-08-03 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2008 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2010 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 9.3 Critical |
| Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2022-2011 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2007 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
| Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2000 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1996 | 3 Fedoraproject, Go-restful Project, Redhat | 6 Fedora, Go-restful, Container Native Virtualization and 3 more | 2024-08-03 | 9.1 Critical |
| Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. | ||||
| CVE-2022-1973 | 3 Fedoraproject, Linux, Netapp | 12 Fedora, Linux Kernel, H300s and 9 more | 2024-08-03 | 7.1 High |
| A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. | ||||