Vulnerabilities > Fedoraproject > Fedora > 36
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-29162 | runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. | 7.8 |
| 2022-05-17 | CVE-2022-1706 | Incorrect Authorization vulnerability in multiple products A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. | 6.5 |
| 2022-05-17 | CVE-2022-1733 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. | 7.8 |
| 2022-05-17 | CVE-2022-1769 | Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | 7.8 |
| 2022-05-16 | CVE-2022-1586 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. | 9.1 |
| 2022-05-16 | CVE-2022-1587 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. | 9.1 |
| 2022-05-16 | CVE-2022-30767 | Classic Buffer Overflow vulnerability in multiple products nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. | 9.8 |
| 2022-05-14 | CVE-2022-1379 | Server-Side Request Forgery (SSRF) vulnerability in multiple products URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. | 9.1 |
| 2022-05-12 | CVE-2022-28919 | Cross-site Scripting vulnerability in multiple products HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename. | 6.1 |
| 2022-05-12 | CVE-2022-1674 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. | 5.5 |