Vulnerabilities > Fedoraproject > Fedora > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-05 | CVE-2022-27337 | A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | 6.5 |
2022-05-04 | CVE-2022-20796 | NULL Pointer Dereference vulnerability in multiple products On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. | 5.5 |
2022-05-03 | CVE-2022-29824 | Integer Overflow or Wraparound vulnerability in multiple products In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. | 6.5 |
2022-04-29 | CVE-2022-0984 | Incorrect Authorization vulnerability in multiple products Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | 4.3 |
2022-04-29 | CVE-2022-1015 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. | 6.6 |
2022-04-28 | CVE-2022-29869 | Information Exposure Through Log Files vulnerability in multiple products cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | 5.3 |
2022-04-27 | CVE-2022-24736 | Redis is an in-memory database that persists on disk. | 5.5 |
2022-04-27 | CVE-2022-1507 | NULL Pointer Dereference vulnerability in multiple products chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. | 5.5 |
2022-04-25 | CVE-2022-28506 | Out-of-bounds Write vulnerability in multiple products There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. | 5.5 |
2022-04-21 | CVE-2022-1420 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. | 5.5 |