Fedoraproject ≫ Fedora

MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE).

MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.

MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.

MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without serv...

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Use After Free in GitHub repository vim/vim prior to 8.2.

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.

kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.