Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-26 | CVE-2022-30789 | Out-of-bounds Write vulnerability in multiple products A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22. | 7.8 |
| 2022-05-26 | CVE-2022-1886 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-05-25 | CVE-2022-1348 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A vulnerability was found in logrotate in how the state file is created. | 6.5 |
| 2022-05-25 | CVE-2022-1851 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-05-24 | CVE-2021-42612 | Use After Free vulnerability in multiple products A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. | 7.8 |
| 2022-05-24 | CVE-2021-42613 | Double Free vulnerability in multiple products A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. | 7.8 |
| 2022-05-24 | CVE-2021-42614 | Use After Free vulnerability in multiple products A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. | 7.8 |
| 2022-05-24 | CVE-2022-29217 | PyJWT is a Python implementation of RFC 7519. | 7.5 |
| 2022-05-24 | CVE-2022-29221 | Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. | 8.8 |
| 2022-05-18 | CVE-2022-30597 | A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field. | 5.3 |