Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-2938

  • EPSS 0.03%
  • Published 23.08.2022 20:15:08
  • Last modified 21.11.2024 07:01:57

A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.

7.8

CVE-2022-31676

  • EPSS 0.07%
  • Published 23.08.2022 20:15:08
  • Last modified 21.11.2024 07:05:06

VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

6.5

CVE-2022-37428

  • EPSS 0.04%
  • Published 23.08.2022 17:15:15
  • Last modified 21.11.2024 07:14:58

PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properti...

7.8

CVE-2022-2946

Exploit
  • EPSS 0.04%
  • Published 23.08.2022 17:15:14
  • Last modified 21.11.2024 07:01:58

Use After Free in GitHub repository vim/vim prior to 9.0.0246.

7.5

CVE-2021-3839

  • EPSS 0.13%
  • Published 23.08.2022 16:15:10
  • Last modified 21.11.2024 06:22:36

A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result o...

7.5

CVE-2021-3905

Exploit
  • EPSS 0.14%
  • Published 23.08.2022 16:15:10
  • Last modified 21.11.2024 06:22:44

A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.

7.8

CVE-2021-23177

  • EPSS 0.04%
  • Published 23.08.2022 16:15:09
  • Last modified 21.11.2024 05:51:19

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extrac...

7.8

CVE-2021-31566

  • EPSS 0.03%
  • Published 23.08.2022 16:15:09
  • Last modified 21.11.2024 06:05:55

An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger...

6.5

CVE-2021-3670

  • EPSS 2.8%
  • Published 23.08.2022 16:15:09
  • Last modified 21.08.2025 17:57:42

MaxQueryDuration not honoured in Samba AD DC LDAP

7.5

CVE-2022-25761

  • EPSS 0.14%
  • Published 23.08.2022 05:15:08
  • Last modified 21.11.2024 06:52:57

The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attack...