Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2022-02-07 CVE-2022-21712 twisted is an event-driven networking engine written in Python.
network
low complexity
twisted debian fedoraproject
7.5
7.5
2022-02-07 CVE-2022-23613 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
xrdp is an open source remote desktop protocol (RDP) server.
local
low complexity
neutrinolabs fedoraproject CWE-191
7.8
7.8
2022-02-06 CVE-2021-41816 Integer Overflow or Wraparound vulnerability in multiple products
CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes.
network
low complexity
ruby-lang fedoraproject CWE-190
critical
 9.8
9.8
2022-02-04 CVE-2021-40401 Unchecked Return Value vulnerability in multiple products
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1.
local
low complexity
gerbv-project fedoraproject debian CWE-252
8.6
8.6
2022-02-04 CVE-2021-40403 An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0.
local
low complexity
gerbv-project fedoraproject debian
6.3
6.3
2022-02-04 CVE-2022-23614 Code Injection vulnerability in multiple products
Twig is an open source template language for PHP.
network
low complexity
symfony fedoraproject debian CWE-94
critical
 9.8
9.8
2022-02-04 CVE-2022-23946 A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010.
local
low complexity
kicad fedoraproject debian
7.8
7.8
2022-02-04 CVE-2022-23947 A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010.
local
low complexity
kicad fedoraproject debian
7.8
7.8
2022-02-03 CVE-2022-22818 Cross-site Scripting vulnerability in multiple products
The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context.
network
low complexity
djangoproject fedoraproject debian CWE-79
6.1
6.1
2022-02-03 CVE-2022-23833 Infinite Loop vulnerability in multiple products
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2.
network
low complexity
djangoproject fedoraproject debian CWE-835
7.5
7.5