Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-23 | CVE-2021-31566 | An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. | 7.8 |
| 2022-08-23 | CVE-2021-3670 | MaxQueryDuration not honoured in Samba AD DC LDAP | 6.5 |
| 2022-08-23 | CVE-2021-3839 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the vhost library in DPDK. | 7.5 |
| 2022-08-23 | CVE-2021-3905 | Memory Leak vulnerability in multiple products A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. | 7.5 |
| 2022-08-23 | CVE-2022-25761 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. | 7.5 |
| 2022-08-23 | CVE-2021-28861 | Open Redirect vulnerability in multiple products Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. | 7.4 |
| 2022-08-22 | CVE-2022-2923 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. | 5.5 |
| 2022-08-22 | CVE-2021-3659 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. | 5.5 |
| 2022-08-22 | CVE-2022-2873 | Incorrect Calculation of Buffer Size vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. | 5.5 |
| 2022-08-19 | CVE-2022-2889 | Use After Free in GitHub repository vim/vim prior to 9.0.0225. | 7.8 |