Vulnerabilities > Fedoraproject > Fedora > 35
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-05 | CVE-2022-33742 | Information Exposure vulnerability in multiple products Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). | 7.1 |
| 2022-07-05 | CVE-2022-2097 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. | 5.3 |
| 2022-07-03 | CVE-2022-2289 | Use After Free in GitHub repository vim/vim prior to 9.0. | 7.8 |
| 2022-07-03 | CVE-2022-2288 | Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. | 7.8 |
| 2022-07-02 | CVE-2022-2287 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | 7.1 |
| 2022-07-02 | CVE-2022-2286 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | 7.8 |
| 2022-07-02 | CVE-2022-2285 | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. | 7.8 |
| 2022-07-02 | CVE-2022-2284 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | 7.8 |
| 2022-07-01 | CVE-2022-34903 | Injection vulnerability in multiple products GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. | 6.5 |
| 2022-07-01 | CVE-2022-32081 | Use After Free vulnerability in multiple products MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. | 7.5 |