Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-33070 Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c.
local
low complexity
protobuf-c-project fedoraproject
5.5
5.5
2022-06-23 CVE-2022-2175 Out-of-bounds Read vulnerability in multiple products
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject CWE-125
7.8
7.8
2022-06-21 CVE-2022-2068 OS Command Injection vulnerability in multiple products
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review.
network
low complexity
openssl debian fedoraproject siemens netapp broadcom CWE-78
critical
 9.8
9.8
2022-06-20 CVE-2022-1720 Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956.
local
low complexity
vim debian fedoraproject apple
7.8
7.8
2022-06-19 CVE-2022-2129 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian
7.8
7.8
2022-06-19 CVE-2022-2126 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim debian fedoraproject apple
7.8
7.8
2022-06-19 CVE-2022-2125 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject apple
7.8
7.8
2022-06-19 CVE-2022-2124 Buffer Over-read in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim debian fedoraproject apple
7.8
7.8
2022-06-16 CVE-2022-2085 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory.
local
low complexity
artifex fedoraproject CWE-476
5.5
5.5
2022-06-16 CVE-2022-32545 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed.
local
low complexity
imagemagick redhat fedoraproject CWE-190
7.8
7.8