Vulnerabilities > Fedoraproject > Fedora > 37

DATE CVE VULNERABILITY TITLE RISK
2022-08-18 CVE-2022-37048 Out-of-bounds Write vulnerability in multiple products
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344.
local
low complexity
broadcom fedoraproject CWE-787
7.8
7.8
2022-08-18 CVE-2022-37049 Out-of-bounds Write vulnerability in multiple products
The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150.
local
low complexity
broadcom fedoraproject CWE-787
7.8
7.8
2022-08-17 CVE-2020-14394 Infinite Loop vulnerability in multiple products
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring.
local
low complexity
qemu fedoraproject redhat CWE-835
3.2
3.2
2022-08-17 CVE-2022-2862 Use After Free in GitHub repository vim/vim prior to 9.0.0221.
local
low complexity
vim fedoraproject
7.8
7.8
2022-08-17 CVE-2022-2849 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
local
low complexity
vim fedoraproject
7.8
7.8
2022-08-17 CVE-2022-2845 Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
local
low complexity
fedoraproject vim
7.8
7.8
2022-08-15 CVE-2022-38223 Out-of-bounds Write vulnerability in multiple products
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3.
local
low complexity
tats fedoraproject CWE-787
7.8
7.8
2022-08-12 CVE-2022-2603 Use After Free vulnerability in multiple products
Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-08-12 CVE-2022-2604 Use After Free vulnerability in multiple products
Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-08-12 CVE-2022-2605 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
6.5
6.5