Vulnerabilities > Fedoraproject > Fedora > 34
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2022-03-14 | CVE-2022-0943 | Heap-based Buffer Overflow vulnerability in multiple products | Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. | 7.8 |
2022-03-14 | CVE-2022-22719 | Improper Initialization vulnerability in multiple products | A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. | 7.5 |
2022-03-14 | CVE-2022-22720 | HTTP Request Smuggling vulnerability in multiple products | Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling. | 9.8 |
2022-03-14 | CVE-2022-22721 | Integer Overflow or Wraparound vulnerability in multiple products | If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32-bit systems, an integer overflow happens which later causes out-of-bounds writes. | 9.1 |
2022-03-14 | CVE-2022-23943 | Out-of-bounds Write vulnerability in multiple products | Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker-provided data. | 9.8 |
2022-03-11 | CVE-2022-25600 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products | Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). | 8.8 |
2022-03-11 | CVE-2022-25601 | Cross-site Scripting vulnerability in multiple products | Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4). | 6.1 |
2022-03-11 | CVE-2022-0860 | Improper Authorization vulnerability in multiple products | Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. | 9.1 |
2022-03-10 | CVE-2021-44269 | Out-of-bounds Read vulnerability in multiple products | An out-of-bounds read was found in Wavpack 5.4.0 in processing *.WAV files. | 5.5 |
2022-03-10 | CVE-2021-4095 | NULL Pointer Dereference vulnerability in multiple products | A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. | 5.5 |