Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-25763

  • EPSS 0.13%
  • Published 10.08.2022 06:15:08
  • Last modified 20.10.2025 18:15:36

Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-28129

  • EPSS 0.29%
  • Published 10.08.2022 06:15:08
  • Last modified 21.11.2024 06:56:48

Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-31779

  • EPSS 0.21%
  • Published 10.08.2022 06:15:08
  • Last modified 21.11.2024 07:05:18

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-31780

  • EPSS 0.44%
  • Published 10.08.2022 06:15:08
  • Last modified 21.11.2024 07:05:18

Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-37451

Exploit
  • EPSS 4.86%
  • Published 06.08.2022 18:15:08
  • Last modified 21.11.2024 07:15:00

Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.

7.8

CVE-2022-1158

Exploit
  • EPSS 0.02%
  • Published 05.08.2022 17:15:08
  • Last modified 21.11.2024 06:40:09

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host ...

7.1

CVE-2022-1973

  • EPSS 0.13%
  • Published 05.08.2022 17:15:08
  • Last modified 21.11.2024 06:41:51

A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.

9.8

CVE-2022-37434

Exploit
  • EPSS 92.68%
  • Published 05.08.2022 07:15:07
  • Last modified 30.05.2025 20:15:30

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib s...

8

CVE-2022-31197

Exploit
  • EPSS 1.59%
  • Published 03.08.2022 19:15:08
  • Last modified 03.11.2025 22:15:58

PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of...

7.4

CVE-2022-29154

Exploit
  • EPSS 0.35%
  • Published 02.08.2022 15:15:08
  • Last modified 21.11.2024 06:58:35

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client perfo...