Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-03 | CVE-2022-31197 | SQL Injection vulnerability in multiple products PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. | 8.0 |
| 2022-08-02 | CVE-2022-29154 | Improper Input Validation vulnerability in multiple products An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. | 7.4 |
| 2022-08-01 | CVE-2022-35922 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. | 7.5 |
| 2022-08-01 | CVE-2022-2509 | Double Free vulnerability in multiple products A vulnerability found in gnutls. | 7.5 |
| 2022-07-28 | CVE-2022-2163 | Use After Free vulnerability in multiple products Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. | 8.8 |
| 2022-07-28 | CVE-2022-2294 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-28 | CVE-2022-2295 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-28 | CVE-2022-2296 | Use After Free vulnerability in multiple products Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. | 8.8 |
| 2022-07-28 | CVE-2022-2007 | Use After Free vulnerability in multiple products Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-28 | CVE-2022-2008 | Double Free vulnerability in multiple products Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |