Vulnerabilities > Fedoraproject > Fedora > 34

DATE CVE VULNERABILITY TITLE RISK
2022-02-14 CVE-2022-0583 Out-of-bounds Write vulnerability in multiple products
Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-787
7.5
7.5
2022-02-14 CVE-2022-0586 Infinite Loop vulnerability in multiple products
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-835
7.5
7.5
2022-02-14 CVE-2021-45444 In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument.
local
low complexity
zsh fedoraproject debian apple
7.8
7.8
2022-02-14 CVE-2022-0571 Cross-site Scripting vulnerability in multiple products
Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.
network
low complexity
phoronix-media fedoraproject CWE-79
6.1
6.1
2022-02-14 CVE-2022-0572 Out-of-bounds Write vulnerability in multiple products
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple CWE-787
7.8
7.8
2022-02-12 CVE-2022-0096 Use After Free vulnerability in multiple products
Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0097 Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.
network
low complexity
google fedoraproject
critical
 9.6
9.6
2022-02-12 CVE-2022-0098 Use After Free vulnerability in multiple products
Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0099 Use After Free vulnerability in multiple products
Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0100 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8