Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2022-04-18 CVE-2022-1381 global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763.
local
low complexity
vim fedoraproject apple
7.8
2022-04-15 CVE-2022-1231 Cross-site Scripting vulnerability in multiple products
XSS via Embedded SVG in SVG Diagram Format in GitHub repository plantuml/plantuml prior to 1.2022.4.
network
low complexity
plantuml fedoraproject CWE-79
6.1
2022-04-15 CVE-2022-28041 Integer Overflow or Wraparound vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc.
network
low complexity
nothings fedoraproject debian CWE-190
6.5
2022-04-15 CVE-2022-28042 Use After Free vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.
network
low complexity
nothings fedoraproject debian CWE-416
8.8
2022-04-15 CVE-2022-28048 Incorrect Calculation vulnerability in multiple products
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.
network
low complexity
stb-project fedoraproject CWE-682
8.8
2022-04-14 CVE-2022-1304 An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5.
local
low complexity
e2fsprogs-project redhat fedoraproject
7.8
2022-04-14 CVE-2022-1328 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line
network
low complexity
mutt debian fedoraproject CWE-120
5.3
2022-04-13 CVE-2022-24828 Argument Injection or Modification vulnerability in multiple products
Composer is a dependency manager for the PHP programming language.
network
low complexity
getcomposer tenable fedoraproject CWE-88
8.8
2022-04-13 CVE-2015-20107 Command Injection vulnerability in multiple products
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file.
network
low complexity
python netapp fedoraproject CWE-77
7.6
2022-04-12 CVE-2021-28544 Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules.
network
low complexity
apache debian fedoraproject apple
4.3