Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-03 | CVE-2022-23833 | Infinite Loop vulnerability in multiple products An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. | 7.5 |
| 2022-02-02 | CVE-2022-0443 | Use After Free in GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-02-01 | CVE-2022-0417 | Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-02-01 | CVE-2021-43859 | Resource Exhaustion vulnerability in multiple products XStream is an open source java library to serialize objects to XML and back again. | 7.5 |
| 2022-02-01 | CVE-2021-46669 | Use After Free vulnerability in multiple products MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used. | 7.5 |
| 2022-01-30 | CVE-2022-0408 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-01-30 | CVE-2022-0413 | Use After Free in GitHub repository vim/vim prior to 8.2. | 7.8 |
| 2022-01-29 | CVE-2022-24122 | Use After Free vulnerability in multiple products kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. | 7.8 |
| 2022-01-28 | CVE-2022-0393 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | 7.1 |
| 2022-01-26 | CVE-2022-23990 | Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | 7.5 |