Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-21 | CVE-2022-0696 | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. | 5.5 |
| 2022-02-21 | CVE-2021-44141 | Link Following vulnerability in multiple products All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. | 4.3 |
| 2022-02-21 | CVE-2021-44142 | Out-of-bounds Write vulnerability in multiple products The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. | 8.8 |
| 2022-02-20 | CVE-2021-45083 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Cobbler before 3.3.1. | 7.1 |
| 2022-02-20 | CVE-2022-0685 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. | 7.8 |
| 2022-02-19 | CVE-2021-45082 | Command Injection vulnerability in multiple products An issue was discovered in Cobbler before 3.3.1. | 7.8 |
| 2022-02-18 | CVE-2022-23645 | swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. | 5.5 |
| 2022-02-18 | CVE-2022-24048 | MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. | 7.8 |
| 2022-02-18 | CVE-2022-24050 | MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. | 7.8 |
| 2022-02-18 | CVE-2022-24051 | MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. | 7.8 |