Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-26360

  • EPSS 0.09%
  • Veröffentlicht 05.04.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:53:49

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memo...

7.8

CVE-2022-26361

  • EPSS 0.09%
  • Veröffentlicht 05.04.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:53:49

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memo...

7.5

CVE-2022-27649

  • EPSS 0.63%
  • Veröffentlicht 04.04.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:56:05

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabiliti...

7.5

CVE-2022-27650

  • EPSS 0.07%
  • Veröffentlicht 04.04.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:56:06

A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. ...

6.8

CVE-2022-27651

  • EPSS 0.12%
  • Veröffentlicht 04.04.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:56:06

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, enablin...

8.1

CVE-2022-24801

  • EPSS 1.15%
  • Veröffentlicht 04.04.2022 18:15:07
  • Zuletzt bearbeitet 25.11.2024 18:12:24

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP request constructs more leniently than p...

7.5

CVE-2022-24785

  • EPSS 0.83%
  • Veröffentlicht 04.04.2022 17:15:07
  • Zuletzt bearbeitet 03.11.2025 22:15:57

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string ...

5.5

CVE-2022-24191

Exploit
  • EPSS 0.04%
  • Veröffentlicht 04.04.2022 11:15:08
  • Zuletzt bearbeitet 21.11.2024 06:49:58

In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow.

5.5

CVE-2022-28388

  • EPSS 0.01%
  • Veröffentlicht 03.04.2022 21:15:08
  • Zuletzt bearbeitet 05.05.2025 17:18:07

usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.

5.5

CVE-2022-28389

  • EPSS 0.02%
  • Veröffentlicht 03.04.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:57:16

mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.