Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-18 | CVE-2022-1381 | global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. | 7.8 |
| 2022-04-15 | CVE-2022-28042 | Use After Free vulnerability in multiple products stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode. | 8.8 |
| 2022-04-15 | CVE-2022-28048 | Incorrect Calculation vulnerability in multiple products STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac. | 8.8 |
| 2022-04-14 | CVE-2022-1304 | An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. | 7.8 |
| 2022-04-13 | CVE-2022-24828 | Argument Injection or Modification vulnerability in multiple products Composer is a dependency manager for the PHP programming language. | 8.8 |
| 2022-04-13 | CVE-2015-20107 | Command Injection vulnerability in multiple products In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. | 7.6 |
| 2022-04-12 | CVE-2022-24070 | Use After Free vulnerability in multiple products Subversion's mod_dav_svn is vulnerable to memory corruption. | 7.5 |
| 2022-04-12 | CVE-2022-24765 | Git for Windows is a fork of Git containing Windows-specific patches. | 7.8 |
| 2022-04-11 | CVE-2022-24836 | Nokogiri is an open source XML and HTML library for Ruby. | 7.5 |
| 2022-04-08 | CVE-2022-28796 | Race Condition vulnerability in multiple products jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. | 7.0 |