Vulnerabilities > Fedoraproject > Fedora > 36
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-18 | CVE-2022-24051 | MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. | 7.8 |
| 2022-02-18 | CVE-2022-24052 | MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. | 7.8 |
| 2022-02-16 | CVE-2022-25271 | Improper Input Validation vulnerability in multiple products Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. | 7.5 |
| 2022-02-16 | CVE-2022-0559 | Use After Free vulnerability in multiple products Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. | 9.8 |
| 2022-02-15 | CVE-2022-21698 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. | 7.5 |
| 2022-02-14 | CVE-2022-0571 | Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2. | 6.1 |
| 2022-02-12 | CVE-2022-0096 | Use After Free vulnerability in multiple products Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-02-12 | CVE-2022-0097 | Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. | 9.6 |
| 2022-02-12 | CVE-2022-0098 | Use After Free vulnerability in multiple products Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. | 8.8 |
| 2022-02-12 | CVE-2022-0099 | Use After Free vulnerability in multiple products Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture. | 8.8 |