Fedoraproject

Fedora

5319 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.

  • EPSS 0.3%
  • Published 17.05.2022 18:15:08
  • Last modified 21.11.2024 06:41:17

A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threa...

Exploit
  • EPSS 0.05%
  • Published 17.05.2022 17:15:08
  • Last modified 21.11.2024 06:41:21

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

  • EPSS 0.03%
  • Published 17.05.2022 17:15:08
  • Last modified 21.11.2024 06:41:25

Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.

  • EPSS 0.47%
  • Published 16.05.2022 21:15:07
  • Last modified 25.03.2025 19:39:30

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occu...

  • EPSS 0.26%
  • Published 16.05.2022 21:15:07
  • Last modified 21.11.2024 06:41:01

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.

Exploit
  • EPSS 0.15%
  • Published 16.05.2022 03:15:07
  • Last modified 03.11.2025 20:15:54

nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.

Exploit
  • EPSS 0.27%
  • Published 14.05.2022 10:15:07
  • Last modified 21.11.2024 06:40:36

URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows ac...

Exploit
  • EPSS 0.56%
  • Published 12.05.2022 16:15:07
  • Last modified 21.11.2024 06:58:11

HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename.

Exploit
  • EPSS 0.14%
  • Published 12.05.2022 11:15:07
  • Last modified 21.11.2024 06:41:13

NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (applicati...

Exploit
  • EPSS 0.1%
  • Published 11.05.2022 15:15:09
  • Last modified 21.11.2024 06:41:06

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.