Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-26 | CVE-2022-27940 | Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | 7.8 |
| 2022-03-26 | CVE-2022-27941 | Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | 7.8 |
| 2022-03-26 | CVE-2022-27942 | Out-of-bounds Read vulnerability in multiple products tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. | 7.8 |
| 2022-03-25 | CVE-2021-4157 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). | 8.0 |
| 2022-03-25 | CVE-2022-0330 | A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. | 7.8 |
| 2022-03-25 | CVE-2022-0435 | Out-of-bounds Write vulnerability in multiple products A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. | 8.8 |
| 2022-03-25 | CVE-2022-0500 | Out-of-bounds Write vulnerability in multiple products A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. | 7.8 |
| 2022-03-25 | CVE-2022-0983 | SQL Injection vulnerability in multiple products An SQL injection risk was identified in Badges code relating to configuring criteria. | 8.8 |
| 2022-03-25 | CVE-2022-0995 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. | 7.8 |
| 2022-03-25 | CVE-2022-24778 | Incorrect Authorization vulnerability in multiple products The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. | 7.5 |