Vulnerabilities > Fedoraproject > Fedora > Low

DATE CVE VULNERABILITY TITLE RISK
2022-06-15 CVE-2022-21166 Incomplete Cleanup vulnerability in multiple products
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
xen fedoraproject intel CWE-459
2.1
2022-06-15 CVE-2022-21123 Incomplete Cleanup vulnerability in multiple products
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
xen fedoraproject intel CWE-459
2.1
2022-06-15 CVE-2022-21125 Incomplete Cleanup vulnerability in multiple products
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
xen fedoraproject intel CWE-459
2.1
2022-05-18 CVE-2022-30596 Cross-site Scripting vulnerability in multiple products
A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk.
3.5
2022-04-27 CVE-2022-24736 NULL Pointer Dereference vulnerability in multiple products
Redis is an in-memory database that persists on disk.
local
low complexity
redis fedoraproject CWE-476
2.1
2022-03-25 CVE-2021-3941 Divide By Zero vulnerability in multiple products
In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value.
local
low complexity
openexr redhat fedoraproject CWE-369
2.1
2022-03-25 CVE-2022-0322 Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access.
local
low complexity
linux fedoraproject CWE-704
2.1
2022-03-16 CVE-2021-20257 Infinite Loop vulnerability in multiple products
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU.
local
low complexity
qemu fedoraproject redhat CWE-835
2.1
2022-03-10 CVE-2021-4095 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context.
1.9
2022-03-10 CVE-2021-3739 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’.
local
low complexity
linux fedoraproject netapp CWE-476
3.6