Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-23	CVE-2022-37428	Incomplete Cleanup vulnerability in multiple products PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properties. network low complexity powerdns fedoraproject CWE-459	6.5
2022-08-23	CVE-2021-23177	An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. local low complexity libarchive fedoraproject redhat debian	7.8
2022-08-23	CVE-2021-31566	An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. local low complexity libarchive fedoraproject redhat debian splunk	7.8
2022-08-23	CVE-2021-3670	MaxQueryDuration not honoured in Samba AD DC LDAP network low complexity samba redhat fedoraproject	6.5
2022-08-23	CVE-2021-3839	Out-of-bounds Write vulnerability in multiple products A flaw was found in the vhost library in DPDK. network low complexity dpdk fedoraproject redhat CWE-787	7.5
2022-08-23	CVE-2021-3905	Memory Leak vulnerability in multiple products A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. network low complexity openvswitch redhat canonical fedoraproject CWE-401	7.5
2022-08-23	CVE-2022-25761	Allocation of Resources Without Limits or Throttling vulnerability in multiple products The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. network low complexity open62541 fedoraproject CWE-770	7.5
2022-08-23	CVE-2021-28861	Open Redirect vulnerability in multiple products Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. network low complexity python fedoraproject CWE-601	7.4
2022-08-22	CVE-2022-2923	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. local low complexity vim fedoraproject	5.5
2022-08-22	CVE-2021-3659	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. local low complexity linux fedoraproject redhat CWE-476	5.5