Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-14 | CVE-2021-46021 | Use After Free vulnerability in multiple products An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | 5.5 |
| 2022-01-14 | CVE-2021-46022 | Use After Free vulnerability in multiple products An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | 5.5 |
| 2022-01-14 | CVE-2022-21680 | Marked is a markdown parser and compiler. | 7.5 |
| 2022-01-14 | CVE-2022-21681 | Marked is a markdown parser and compiler. | 7.5 |
| 2022-01-14 | CVE-2022-23222 | NULL Pointer Dereference vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. | 7.8 |
| 2022-01-13 | CVE-2022-21682 | Path Traversal vulnerability in multiple products Flatpak is a Linux application sandboxing and distribution framework. | 6.5 |
| 2022-01-13 | CVE-2022-23132 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. | 7.3 |
| 2022-01-13 | CVE-2022-23133 | Cross-site Scripting vulnerability in multiple products An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. | 5.4 |
| 2022-01-13 | CVE-2022-23134 | Improper Authentication vulnerability in multiple products After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. | 5.3 |
| 2022-01-13 | CVE-2022-0196 | phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | 8.8 |