Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-28	CVE-2022-2162	Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. network low complexity google fedoraproject	8.8
2022-07-28	CVE-2022-2164	Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page. network low complexity google fedoraproject	6.3
2022-07-28	CVE-2022-2165	Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google fedoraproject	4.3
2022-07-26	CVE-2022-33745	insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. local low complexity xen debian fedoraproject	8.8
2022-07-25	CVE-2022-34749	In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. network low complexity mistune-project fedoraproject	7.5
2022-07-25	CVE-2022-35649	Improper Input Validation vulnerability in multiple products The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. network low complexity moodle fedoraproject CWE-20 critical	9.8
2022-07-25	CVE-2022-35650	Improper Input Validation vulnerability in multiple products The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. network low complexity moodle fedoraproject CWE-20	7.5
2022-07-25	CVE-2022-35651	Cross-site Scripting vulnerability in multiple products A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. network low complexity moodle redhat fedoraproject CWE-79	6.1
2022-07-25	CVE-2022-35652	Open Redirect vulnerability in multiple products An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. network low complexity moodle fedoraproject CWE-601	6.1
2022-07-25	CVE-2022-35653	Cross-site Scripting vulnerability in multiple products A reflected XSS issue was identified in the LTI module of Moodle. network low complexity moodle fedoraproject redhat CWE-79	6.1