Vulnerabilities > Fedoraproject > Fedora > 35

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-25	CVE-2022-35650	Improper Input Validation vulnerability in multiple products The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. network low complexity moodle fedoraproject CWE-20	7.5
2022-07-25	CVE-2022-35651	Cross-site Scripting vulnerability in multiple products A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. network low complexity moodle redhat fedoraproject CWE-79	6.1
2022-07-25	CVE-2022-35652	Open Redirect vulnerability in multiple products An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. network low complexity moodle fedoraproject CWE-601	6.1
2022-07-25	CVE-2022-35653	Cross-site Scripting vulnerability in multiple products A reflected XSS issue was identified in the LTI module of Moodle. network low complexity moodle fedoraproject redhat CWE-79	6.1
2022-07-25	CVE-2022-0670	A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. network low complexity linuxfoundation redhat fedoraproject critical	9.1
2022-07-24	CVE-2021-46829	Integer Overflow or Wraparound vulnerability in multiple products GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. local low complexity gnome fedoraproject debian CWE-190	7.8
2022-07-20	CVE-2022-31160	jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. network low complexity jqueryui netapp drupal fedoraproject debian	6.1
2022-07-19	CVE-2022-2476	A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a WRITE memory access. local low complexity wavpack fedoraproject	5.5
2022-07-19	CVE-2022-34169	Incorrect Conversion between Numeric Types vulnerability in multiple products The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. network low complexity apache debian oracle fedoraproject netapp azul CWE-681	7.5
2022-07-14	CVE-2022-23825	Exposure of Resource to Wrong Sphere vulnerability in multiple products Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. local low complexity debian fedoraproject amd vmware CWE-668	6.5