Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-07 | CVE-2022-46663 | In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. | 7.5 |
| 2023-02-04 | CVE-2023-25193 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. | 7.5 |
| 2023-01-20 | CVE-2022-47021 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts. | 7.8 |
| 2023-01-18 | CVE-2023-22809 | Improper Privilege Management vulnerability in multiple products In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. | 7.8 |
| 2023-01-17 | CVE-2022-47318 | ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. | 8.0 |
| 2023-01-10 | CVE-2022-4379 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. | 7.5 |
| 2023-01-04 | CVE-2023-0049 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | 7.8 |
| 2022-12-24 | CVE-2022-46175 | JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. | 8.8 |
| 2022-12-23 | CVE-2022-43551 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. | 7.5 |
| 2022-12-14 | CVE-2022-2601 | A buffer overflow was found in grub_font_construct_glyph(). | 8.6 |