Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2022-02-14 CVE-2021-45444 In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument.
local
low complexity
zsh fedoraproject debian apple
7.8
7.8
2022-02-14 CVE-2022-0571 Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.
network
low complexity
phoronix-media fedoraproject
6.1
6.1
2022-02-14 CVE-2022-0572 Out-of-bounds Write vulnerability in multiple products
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple CWE-787
7.8
7.8
2022-02-12 CVE-2022-0096 Use After Free vulnerability in multiple products
Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0097 Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.
network
low complexity
google fedoraproject
critical
 9.6
9.6
2022-02-12 CVE-2022-0098 Use After Free vulnerability in multiple products
Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0099 Use After Free vulnerability in multiple products
Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0100 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2022-02-12 CVE-2022-0101 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2022-02-12 CVE-2022-0102 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8