Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-29 CVE-2022-0984 Incorrect Authorization vulnerability in multiple products
Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.
network
low complexity
moodle fedoraproject redhat CWE-863
4.0
4.0
2022-04-29 CVE-2022-1015 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem.
local
low complexity
linux fedoraproject CWE-787
6.6
6.6
2022-04-28 CVE-2022-29869 Information Exposure Through Log Files vulnerability in multiple products
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.
network
low complexity
samba fedoraproject debian CWE-532
5.3
5.3
2022-04-27 CVE-2022-24736 NULL Pointer Dereference vulnerability in multiple products
Redis is an in-memory database that persists on disk.
local
low complexity
redis fedoraproject netapp oracle CWE-476
5.5
5.5
2022-04-27 CVE-2022-1507 NULL Pointer Dereference vulnerability in multiple products
chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.
local
low complexity
chafa-project fedoraproject CWE-476
5.5
5.5
2022-04-25 CVE-2022-28506 Out-of-bounds Write vulnerability in multiple products
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
local
low complexity
giflib-project fedoraproject CWE-787
5.5
5.5
2022-04-21 CVE-2022-1420 Use of Out-of-range Pointer Offset vulnerability in multiple products
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
local
low complexity
vim fedoraproject apple CWE-823
5.5
5.5
2022-04-18 CVE-2021-42778 Double Free vulnerability in multiple products
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
network
low complexity
opensc-project fedoraproject redhat CWE-415
5.3
5.3
2022-04-18 CVE-2021-42779 Use After Free vulnerability in multiple products
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
network
low complexity
opensc-project fedoraproject redhat CWE-416
5.3
5.3
2022-04-18 CVE-2021-42780 Unchecked Return Value vulnerability in multiple products
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
network
low complexity
opensc-project fedoraproject redhat CWE-252
5.3
5.3