Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-20	CVE-2021-45417	Out-of-bounds Write vulnerability in multiple products AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. local low complexity advanced-intrusion-detection-environment-project redhat fedoraproject canonical debian CWE-787	7.8
2022-01-20	CVE-2022-21658	Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. local high complexity rust-lang fedoraproject apple	6.3
2022-01-19	CVE-2022-21699	IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. local low complexity ipython debian fedoraproject	8.8
2022-01-18	CVE-2022-21673	Grafana is an open-source platform for monitoring and observability. network low complexity grafana fedoraproject	4.3
2022-01-17	CVE-2022-23303	Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. network low complexity w1-fi fedoraproject CWE-203 critical	9.8
2022-01-17	CVE-2022-23304	Information Exposure Through Discrepancy vulnerability in multiple products The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. network low complexity w1-fi fedoraproject CWE-203 critical	9.8
2022-01-16	CVE-2022-0238	phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) network low complexity phoronix-media fedoraproject	4.3
2022-01-15	CVE-2021-44537	Injection vulnerability in multiple products ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution. local low complexity owncloud fedoraproject CWE-74	7.8
2022-01-15	CVE-2022-23094	NULL Pointer Dereference vulnerability in multiple products Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. network low complexity libreswan fedoraproject debian CWE-476	7.5
2022-01-14	CVE-2021-46019	NULL Pointer Dereference vulnerability in multiple products An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. local low complexity gnu fedoraproject CWE-476	5.5