Vulnerabilities > Fedoraproject > Fedora > 34

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-14	CVE-2022-0943	Heap-based Buffer Overflow vulnerability in multiple products Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. local low complexity vim fedoraproject debian apple CWE-122	7.8
2022-03-14	CVE-2022-22719	Improper Initialization vulnerability in multiple products A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. network low complexity apache debian fedoraproject oracle apple CWE-665	7.5
2022-03-14	CVE-2022-22720	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling network low complexity apache fedoraproject debian oracle apple CWE-444 critical	9.8
2022-03-14	CVE-2022-22721	Integer Overflow or Wraparound vulnerability in multiple products If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. network low complexity apache fedoraproject debian oracle apple CWE-190 critical	9.1
2022-03-14	CVE-2022-23943	Out-of-bounds Write vulnerability in multiple products Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. network low complexity apache fedoraproject debian oracle CWE-787 critical	9.8
2022-03-11	CVE-2022-25600	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). network low complexity flippercode fedoraproject CWE-352	8.8
2022-03-11	CVE-2022-25601	Cross-site Scripting vulnerability in multiple products Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4). network low complexity plugin-planet fedoraproject CWE-79	6.1
2022-03-11	CVE-2022-0860	Improper Authorization vulnerability in multiple products Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. network low complexity cobbler-project fedoraproject CWE-285 critical	9.1
2022-03-10	CVE-2021-44269	Out-of-bounds Read vulnerability in multiple products An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. local low complexity wavpack fedoraproject CWE-125	5.5
2022-03-10	CVE-2021-4095	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. local low complexity linux fedoraproject CWE-476	5.5