Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-14 | CVE-2022-41674 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 5.19.16. | 8.1 |
| 2022-10-14 | CVE-2022-42720 | Use After Free vulnerability in multiple products Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. | 7.8 |
| 2022-10-14 | CVE-2022-42721 | Infinite Loop vulnerability in multiple products A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | 5.5 |
| 2022-10-14 | CVE-2022-42722 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. | 5.5 |
| 2022-10-13 | CVE-2022-42719 | Use After Free vulnerability in multiple products A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. | 8.8 |
| 2022-10-12 | CVE-2022-39282 | FreeRDP is a free remote desktop protocol library and clients. | 7.5 |
| 2022-10-12 | CVE-2022-39283 | Use of Uninitialized Resource vulnerability in multiple products FreeRDP is a free remote desktop protocol library and clients. | 7.5 |
| 2022-10-12 | CVE-2022-3171 | A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. | 7.5 |
| 2022-10-11 | CVE-2022-3140 | Argument Injection or Modification vulnerability in multiple products LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. | 6.3 |
| 2022-10-11 | CVE-2022-41032 | NuGet Client Elevation of Privilege Vulnerability | 7.8 |