Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-24	CVE-2021-42612	Use After Free vulnerability in multiple products A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. local low complexity halibut-project fedoraproject CWE-416	7.8
2022-05-24	CVE-2021-42613	Double Free vulnerability in multiple products A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. local low complexity halibut-project fedoraproject CWE-415	7.8
2022-05-24	CVE-2021-42614	Use After Free vulnerability in multiple products A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. local low complexity halibut-project fedoraproject CWE-416	7.8
2022-05-24	CVE-2022-29217	PyJWT is a Python implementation of RFC 7519. network low complexity pyjwt-project fedoraproject	7.5
2022-05-24	CVE-2022-29221	Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. network low complexity smarty debian fedoraproject	8.8
2022-05-18	CVE-2022-30597	A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field. network low complexity moodle redhat fedoraproject	5.3
2022-05-18	CVE-2022-30598	A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it. network low complexity moodle redhat fedoraproject	4.3
2022-05-18	CVE-2022-30599	SQL Injection vulnerability in multiple products A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. network low complexity moodle redhat fedoraproject CWE-89 critical	9.8
2022-05-18	CVE-2022-30600	Incorrect Calculation vulnerability in multiple products A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. network low complexity moodle redhat fedoraproject CWE-682 critical	9.8
2022-05-18	CVE-2022-30596	Cross-site Scripting vulnerability in multiple products A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. network low complexity moodle redhat fedoraproject CWE-79	5.4