Vulnerabilities > Fedoraproject > Fedora > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-03 CVE-2022-23833 Infinite Loop vulnerability in multiple products
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2.
network
low complexity
djangoproject fedoraproject debian CWE-835
7.5
2022-02-02 CVE-2022-0443 Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian
7.8
2022-02-01 CVE-2022-0417 Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian
7.8
2022-02-01 CVE-2021-43859 Resource Exhaustion vulnerability in multiple products
XStream is an open source java library to serialize objects to XML and back again.
7.5
2022-02-01 CVE-2021-46669 Use After Free vulnerability in multiple products
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
network
low complexity
mariadb fedoraproject debian CWE-416
7.5
2022-01-30 CVE-2022-0408 Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian
7.8
2022-01-30 CVE-2022-0413 Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian
7.8
2022-01-29 CVE-2022-24122 Use After Free vulnerability in multiple products
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
local
low complexity
linux netapp fedoraproject CWE-416
7.8
2022-01-28 CVE-2022-0393 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject
7.1
2022-01-26 CVE-2022-23990 Integer Overflow or Wraparound vulnerability in multiple products
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
7.5