Vulnerabilities > Fedoraproject > Fedora > 35
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-07 | CVE-2022-42919 | Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. | 7.8 |
| 2022-11-06 | CVE-2022-40284 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow was discovered in NTFS-3G before 2022.10.3. | 7.8 |
| 2022-11-03 | CVE-2022-44638 | Integer Overflow or Wraparound vulnerability in multiple products In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. | 8.8 |
| 2022-11-01 | CVE-2022-42799 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products The issue was addressed with improved UI handling. | 6.1 |
| 2022-11-01 | CVE-2022-42823 | Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved memory handling. | 8.8 |
| 2022-11-01 | CVE-2022-42824 | A logic issue was addressed with improved state management. | 5.5 |
| 2022-11-01 | CVE-2022-39369 | phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. | 8.0 |
| 2022-11-01 | CVE-2022-42309 | Release of Invalid Pointer or Reference vulnerability in multiple products Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. | 8.8 |
| 2022-11-01 | CVE-2022-42310 | Incomplete Cleanup vulnerability in multiple products Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. | 5.5 |
| 2022-11-01 | CVE-2022-42311 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. | 6.5 |