Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2022-30292

  • EPSS 2.49%
  • Veröffentlicht 04.05.2022 23:15:08
  • Zuletzt bearbeitet 21.11.2024 07:02:30

Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.

7.8

CVE-2022-20770

  • EPSS 0.86%
  • Veröffentlicht 04.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:31

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS v...

7.8

CVE-2022-20771

  • EPSS 0.98%
  • Veröffentlicht 04.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:31

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and ...

7.8

CVE-2022-20785

  • EPSS 1.02%
  • Veröffentlicht 04.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:33

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS ...

5.5

CVE-2022-20796

  • EPSS 0.03%
  • Veröffentlicht 04.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:34

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an a...

7.5

CVE-2022-28487

Exploit
  • EPSS 0.47%
  • Veröffentlicht 04.05.2022 15:15:12
  • Zuletzt bearbeitet 21.11.2024 06:57:25

Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.

7.8

CVE-2022-27470

Exploit
  • EPSS 0.15%
  • Veröffentlicht 04.05.2022 03:15:07
  • Zuletzt bearbeitet 21.11.2024 06:55:47

SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file.

10

CVE-2022-1292

  • EPSS 41.21%
  • Veröffentlicht 03.05.2022 16:15:18
  • Zuletzt bearbeitet 13.08.2025 14:15:28

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execut...

6.5

CVE-2022-29824

Exploit
  • EPSS 0.07%
  • Veröffentlicht 03.05.2022 03:15:06
  • Zuletzt bearbeitet 21.11.2024 06:59:45

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte...

7.8

CVE-2021-46790

Exploit
  • EPSS 0.05%
  • Veröffentlicht 02.05.2022 12:16:26
  • Zuletzt bearbeitet 21.11.2024 06:34:43

ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.