VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Fedoraproject
>
Fedora
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-01-13
CVE-2022-23132
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder.
network
low complexity
zabbix
fedoraproject
CWE-732
7.3
7.3
2022-01-13
CVE-2022-0196
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)
network
low complexity
phoronix-media
fedoraproject
8.8
8.8
2022-01-13
CVE-2022-0197
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)
network
low complexity
phoronix-media
fedoraproject
8.8
8.8
2022-01-12
CVE-2021-43860
Incorrect Default Permissions vulnerability in multiple products
Flatpak is a Linux application sandboxing and distribution framework.
local
low complexity
flatpak
fedoraproject
redhat
debian
CWE-276
8.6
8.6
2022-01-12
CVE-2021-44648
Out-of-bounds Write vulnerability in multiple products
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
network
low complexity
gnome
fedoraproject
debian
CWE-787
8.8
8.8
2022-01-10
CVE-2022-21668
Improper Validation of Specified Quantity in Input vulnerability in multiple products
pipenv is a Python development workflow tool.
local
low complexity
pypa
fedoraproject
CWE-1284
8.6
8.6
2022-01-10
CVE-2021-21408
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty
debian
fedoraproject
8.8
8.8
2022-01-10
CVE-2021-29454
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty
debian
fedoraproject
8.8
8.8
2022-01-06
CVE-2022-21661
SQL Injection vulnerability in multiple products
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database.
network
low complexity
wordpress
fedoraproject
debian
CWE-89
7.5
7.5
2022-01-06
CVE-2022-21663
Deserialization of Untrusted Data vulnerability in multiple products
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database.
network
low complexity
wordpress
debian
fedoraproject
CWE-502
7.2
7.2
«
Previous
1
2
...
78
79
80
(current)
81
82
...
219
220
»
Next