Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux

DATE CVE VULNERABILITY TITLE RISK
2022-06-16 CVE-2022-32545 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
7.8
2022-06-16 CVE-2022-32546 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
7.8
2022-04-26 CVE-2022-24882 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP).
network
low complexity
freerdp fedoraproject
7.5
7.5
2022-04-20 CVE-2022-28327 The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
network
low complexity
golang fedoraproject
7.5
7.5
2022-04-19 CVE-2022-25648 Argument Injection or Modification vulnerability in multiple products
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection.
network
low complexity
git fedoraproject debian CWE-88
critical
 9.8
9.8
2022-03-25 CVE-2022-0983 SQL Injection vulnerability in multiple products
An SQL injection risk was identified in Badges code relating to configuring criteria.
network
low complexity
moodle fedoraproject CWE-89
8.8
8.8
2022-03-18 CVE-2022-27191 The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
network
low complexity
golang fedoraproject redhat
7.5
7.5
2022-03-10 CVE-2022-0725 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in keepass.
network
low complexity
keepass fedoraproject CWE-532
7.5
7.5
2022-03-10 CVE-2021-3733 Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python redhat fedoraproject netapp CWE-400
6.5
6.5
2022-02-24 CVE-2022-0546 Integer Overflow or Wraparound vulnerability in multiple products
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution.
local
low complexity
blender fedoraproject debian CWE-190
7.8
7.8