Vulnerabilities > Fedoraproject > Fedora > 34

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-31	CVE-2021-45079	NULL Pointer Dereference vulnerability in multiple products In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication. network low complexity strongswan debian fedoraproject canonical CWE-476 critical	9.1
2022-01-31	CVE-2022-24130	Classic Buffer Overflow vulnerability in multiple products xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. local low complexity invisible-island debian fedoraproject CWE-120	5.5
2022-01-30	CVE-2022-0408	Stack-based Buffer Overflow vulnerability in multiple products Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject debian CWE-121	7.8
2022-01-30	CVE-2022-0413	Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject debian CWE-416	7.8
2022-01-29	CVE-2021-46659	MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. local low complexity mariadb fedoraproject	5.5
2022-01-29	CVE-2022-24122	Use After Free vulnerability in multiple products kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. local low complexity linux netapp fedoraproject CWE-416	7.8
2022-01-28	CVE-2022-0393	Out-of-bounds Read vulnerability in multiple products Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject CWE-125	7.1
2022-01-28	CVE-2022-23598	Cross-site Scripting vulnerability in multiple products laminas-form is a package for validating and displaying simple and complex forms. network low complexity getlaminas fedoraproject CWE-79	6.1
2022-01-26	CVE-2022-23990	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. network low complexity libexpat-project tenable oracle debian fedoraproject siemens CWE-190	7.5
2022-01-26	CVE-2021-22570	NULL Pointer Dereference vulnerability in multiple products Nullptr dereference when a null char is present in a proto symbol. local low complexity google debian fedoraproject oracle netapp CWE-476	5.5