Vulnerabilities > Fedoraproject > Fedora > 37
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-26 | CVE-2022-27942 | Out-of-bounds Read vulnerability in multiple products tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. | 7.8 |
| 2022-03-25 | CVE-2022-22995 | Link Following vulnerability in multiple products The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. | 9.8 |
| 2022-03-16 | CVE-2022-24729 | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 7.5 |
| 2022-03-16 | CVE-2022-24728 | Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 5.4 |
| 2022-03-10 | CVE-2022-0856 | Divide By Zero vulnerability in multiple products libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service | 6.5 |
| 2022-03-03 | CVE-2021-3638 | An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. | 6.5 |
| 2022-02-24 | CVE-2022-24599 | Memory Leak vulnerability in multiple products In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. | 6.5 |
| 2022-02-15 | CVE-2022-21698 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. | 7.5 |
| 2022-02-11 | CVE-2022-23634 | Improper Resource Shutdown or Release vulnerability in multiple products Puma is a Ruby/Rack web server built for parallelism. | 5.9 |
| 2022-01-10 | CVE-2021-21408 | Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. | 8.8 |