Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-12 | CVE-2022-39283 | Use of Uninitialized Resource vulnerability in multiple products FreeRDP is a free remote desktop protocol library and clients. | 7.5 |
| 2022-10-12 | CVE-2022-3171 | A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. | 7.5 |
| 2022-10-11 | CVE-2022-41032 | NuGet Client Elevation of Privilege Vulnerability | 7.8 |
| 2022-10-06 | CVE-2022-41556 | Memory Leak vulnerability in multiple products A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. | 7.5 |
| 2022-09-30 | CVE-2022-40313 | Cross-site Scripting vulnerability in multiple products Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load. | 7.1 |
| 2022-09-29 | CVE-2022-3352 | Use After Free in GitHub repository vim/vim prior to 9.0.0614. | 7.8 |
| 2022-09-28 | CVE-2022-39261 | Path Traversal vulnerability in multiple products Twig is a template language for PHP. | 7.5 |
| 2022-09-27 | CVE-2022-3324 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. | 7.8 |
| 2022-09-26 | CVE-2022-2852 | Use After Free vulnerability in multiple products Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-09-26 | CVE-2022-2853 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |