Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2022-08-31 CVE-2022-2153 A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ.
local
low complexity
linux fedoraproject redhat debian
5.5
5.5
2022-08-31 CVE-2022-3028 Out-of-bounds Write vulnerability in multiple products
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously.
local
high complexity
linux fedoraproject debian CWE-787
7.0
7.0
2022-08-30 CVE-2022-3037 Use After Free in GitHub repository vim/vim prior to 9.0.0322.
local
low complexity
vim fedoraproject
7.8
7.8
2022-08-30 CVE-2022-38784 Integer Overflow or Wraparound vulnerability in multiple products
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc).
local
low complexity
freedesktop debian fedoraproject CWE-190
7.8
7.8
2022-08-29 CVE-2022-0336 Incorrect Default Permissions vulnerability in multiple products
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database.
network
low complexity
samba fedoraproject CWE-276
8.8
8.8
2022-08-29 CVE-2022-0367 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.
local
low complexity
libmodbus fedoraproject debian CWE-787
7.8
7.8
2022-08-29 CVE-2022-1204 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol.
local
low complexity
linux fedoraproject debian CWE-416
5.5
5.5
2022-08-29 CVE-2022-2961 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function.
local
high complexity
linux fedoraproject netapp CWE-362
7.0
7.0
2022-08-29 CVE-2022-35014 Advancecomp v2.3 contains a segmentation fault.
local
low complexity
advancemame fedoraproject
5.5
5.5
2022-08-29 CVE-2022-35015 Out-of-bounds Write vulnerability in multiple products
Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.
local
low complexity
advancemame fedoraproject CWE-787
5.5
5.5