Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5329 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2158 | 2 Fedoraproject, Google | 3 Extra Packages For Enterprise Linux, Fedora, Chrome | 2024-11-21 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2157 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2156 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2153 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. | ||||
| CVE-2022-2132 | 4 Debian, Dpdk, Fedoraproject and 1 more | 15 Debian Linux, Data Plane Development Kit, Fedora and 12 more | 2024-11-21 | 8.6 High |
| A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. | ||||
| CVE-2022-2129 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2024-11-21 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2126 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2125 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2124 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2097 | 6 Debian, Fedoraproject, Netapp and 3 more | 16 Debian Linux, Fedora, Active Iq Unified Manager and 13 more | 2024-11-21 | 5.3 Medium |
| AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). | ||||
| CVE-2022-2058 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-11-21 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2057 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-11-21 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2056 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-11-21 | 5.5 Medium |
| Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. | ||||
| CVE-2022-2011 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2010 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 9.3 Critical |
| Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2022-2008 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2007 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2000 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-29968 | 3 Fedoraproject, Linux, Netapp | 13 Fedora, Linux Kernel, H300s and 10 more | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. | ||||
| CVE-2022-29901 | 6 Debian, Fedoraproject, Intel and 3 more | 258 Debian Linux, Fedora, Core I3-6100 and 255 more | 2024-11-21 | 5.6 Medium |
| Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. | ||||