Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2022-27920	Cross-site Scripting vulnerability in multiple products libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. network low complexity kiwix fedoraproject CWE-79	6.1
2022-03-25	CVE-2021-3933	An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. local low complexity openexr fedoraproject debian	5.5
2022-03-25	CVE-2021-3941	In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. local low complexity openexr redhat fedoraproject debian	6.5
2022-03-25	CVE-2021-4147	Improper Locking vulnerability in multiple products A flaw was found in the libvirt libxl driver. local low complexity redhat fedoraproject netapp CWE-667	6.5
2022-03-25	CVE-2021-4157	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). low complexity linux fedoraproject netapp oracle CWE-119	8.0
2022-03-25	CVE-2022-0322	Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. local low complexity linux fedoraproject oracle CWE-704	5.5
2022-03-25	CVE-2022-0330	A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. local low complexity linux redhat fedoraproject netapp	7.8
2022-03-25	CVE-2022-0435	Out-of-bounds Write vulnerability in multiple products A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. network low complexity linux redhat ovirt fedoraproject netapp CWE-787	8.8
2022-03-25	CVE-2022-0500	Out-of-bounds Write vulnerability in multiple products A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. local low complexity linux fedoraproject netapp CWE-787	7.8
2022-03-25	CVE-2022-0983	SQL Injection vulnerability in multiple products An SQL injection risk was identified in Badges code relating to configuring criteria. network low complexity moodle fedoraproject CWE-89	8.8