Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2022-02-01 CVE-2021-46667 Integer Overflow or Wraparound vulnerability in multiple products
MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash.
local
low complexity
mariadb fedoraproject CWE-190
5.5
5.5
2022-02-01 CVE-2021-46668 Resource Exhaustion vulnerability in multiple products
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.
local
low complexity
mariadb fedoraproject CWE-400
5.5
5.5
2022-02-01 CVE-2021-46669 Use After Free vulnerability in multiple products
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
network
low complexity
mariadb fedoraproject debian CWE-416
7.5
7.5
2022-01-31 CVE-2021-45079 NULL Pointer Dereference vulnerability in multiple products
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.
network
low complexity
strongswan debian fedoraproject canonical CWE-476
critical
 9.1
9.1
2022-01-31 CVE-2022-24130 Classic Buffer Overflow vulnerability in multiple products
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. 		5.5
5.5
2022-01-30 CVE-2022-0408 Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian
7.8
7.8
2022-01-30 CVE-2022-0413 Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian
7.8
7.8
2022-01-29 CVE-2021-46659 MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.
local
low complexity
mariadb fedoraproject
5.5
5.5
2022-01-29 CVE-2022-24122 Use After Free vulnerability in multiple products
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
local
low complexity
linux netapp fedoraproject CWE-416
7.8
7.8
2022-01-28 CVE-2022-0393 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject
7.1
7.1