Vulnerabilities > Fedoraproject > Fedora > 37

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-26	CVE-2022-27942	Out-of-bounds Read vulnerability in multiple products tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. local low complexity broadcom fedoraproject CWE-125	7.8
2022-03-25	CVE-2022-22995	Link Following vulnerability in multiple products The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. network low complexity westerndigital fedoraproject netatalk CWE-59 critical	9.8
2022-03-16	CVE-2022-24729	CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. network low complexity ckeditor drupal oracle fedoraproject	7.5
2022-03-16	CVE-2022-24728	Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. network low complexity ckeditor drupal oracle fedoraproject CWE-79	5.4
2022-03-10	CVE-2022-0856	Divide By Zero vulnerability in multiple products libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service network low complexity libcaca-project fedoraproject CWE-369	6.5
2022-03-03	CVE-2021-3638	Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. local low complexity qemu fedoraproject CWE-787	6.5
2022-02-24	CVE-2022-24599	Memory Leak vulnerability in multiple products In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. network low complexity audio-file-library-project debian fedoraproject CWE-401	6.5
2022-02-15	CVE-2022-21698	Allocation of Resources Without Limits or Throttling vulnerability in multiple products client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. network low complexity prometheus fedoraproject rdo-project CWE-770	7.5
2022-02-11	CVE-2022-23634	Improper Resource Shutdown or Release vulnerability in multiple products Puma is a Ruby/Rack web server built for parallelism. network high complexity puma rubyonrails debian fedoraproject CWE-404	5.9
2022-01-10	CVE-2021-21408	Improper Input Validation vulnerability in multiple products Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. network low complexity smarty debian fedoraproject CWE-20	8.8