Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-1706

  • EPSS 0.3%
  • Published 17.05.2022 18:15:08
  • Last modified 21.11.2024 06:41:17

A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threa...

7.8

CVE-2022-1733

Exploit
  • EPSS 0.05%
  • Published 17.05.2022 17:15:08
  • Last modified 21.11.2024 06:41:21

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

7.8

CVE-2022-1769

  • EPSS 0.03%
  • Published 17.05.2022 17:15:08
  • Last modified 21.11.2024 06:41:25

Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.

9.1

CVE-2022-1586

  • EPSS 0.47%
  • Published 16.05.2022 21:15:07
  • Last modified 25.03.2025 19:39:30

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occu...

9.1

CVE-2022-1587

  • EPSS 0.26%
  • Published 16.05.2022 21:15:07
  • Last modified 21.11.2024 06:41:01

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.

9.8

CVE-2022-30767

Exploit
  • EPSS 0.15%
  • Published 16.05.2022 03:15:07
  • Last modified 03.11.2025 20:15:54

nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.

9.1

CVE-2022-1379

Exploit
  • EPSS 0.27%
  • Published 14.05.2022 10:15:07
  • Last modified 21.11.2024 06:40:36

URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows ac...

6.1

CVE-2022-28919

Exploit
  • EPSS 0.56%
  • Published 12.05.2022 16:15:07
  • Last modified 21.11.2024 06:58:11

HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename.

5.5

CVE-2022-1674

Exploit
  • EPSS 0.14%
  • Published 12.05.2022 11:15:07
  • Last modified 21.11.2024 06:41:13

NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (applicati...

5.5

CVE-2022-1622

Exploit
  • EPSS 0.1%
  • Published 11.05.2022 15:15:09
  • Last modified 21.11.2024 06:41:06

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.