Vulnerabilities > Fedoraproject > Fedora > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-10 CVE-2022-31779 Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject
7.5
7.5
2022-08-10 CVE-2022-31780 Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject
7.5
7.5
2022-08-06 CVE-2022-37451 Release of Invalid Pointer or Reference vulnerability in multiple products
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
network
low complexity
exim fedoraproject CWE-763
7.5
7.5
2022-08-05 CVE-2022-1158 Use After Free vulnerability in multiple products
A flaw was found in KVM.
local
low complexity
linux fedoraproject redhat CWE-416
7.8
7.8
2022-08-05 CVE-2022-1973 A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal.
local
low complexity
linux fedoraproject netapp
7.1
7.1
2022-08-03 CVE-2022-31197 PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code.
network
low complexity
postgresql debian fedoraproject
8.0
8.0
2022-08-02 CVE-2022-29154 Improper Input Validation vulnerability in multiple products
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers.
network
high complexity
samba fedoraproject CWE-20
7.4
7.4
2022-08-01 CVE-2022-35922 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. 		7.5
7.5
2022-08-01 CVE-2022-2509 Double Free vulnerability in multiple products
A vulnerability found in gnutls.
network
low complexity
gnu redhat fedoraproject debian CWE-415
7.5
7.5
2022-07-28 CVE-2022-2163 Use After Free vulnerability in multiple products
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
network
low complexity
google fedoraproject CWE-416
8.8
8.8