Vulnerabilities > Fedoraproject > Fedora > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-16 | CVE-2022-1586 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. | 9.1 |
2022-05-16 | CVE-2022-30767 | Classic Buffer Overflow vulnerability in multiple products nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. | 9.8 |
2022-05-14 | CVE-2022-1379 | Server-Side Request Forgery (SSRF) vulnerability in multiple products URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. | 9.1 |
2022-05-06 | CVE-2022-1053 | Improper Input Validation vulnerability in multiple products Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. | 9.1 |
2022-05-05 | CVE-2022-29502 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. | 9.8 |
2022-05-04 | CVE-2022-30292 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call. | 10.0 |
2022-05-03 | CVE-2022-1292 | OS Command Injection vulnerability in multiple products The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. | 9.8 |
2022-04-26 | CVE-2022-24883 | Improper Authentication vulnerability in multiple products FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). | 9.8 |
2022-04-22 | CVE-2022-27404 | Out-of-bounds Write vulnerability in multiple products FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. | 9.8 |
2022-04-19 | CVE-2022-25648 | Argument Injection or Modification vulnerability in multiple products The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. | 9.8 |