Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-16 CVE-2021-20257 Infinite Loop vulnerability in multiple products
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU.
local
low complexity
qemu fedoraproject redhat debian CWE-835
6.5
6.5
2022-03-11 CVE-2022-0907 Unchecked Return Value vulnerability in multiple products
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff debian fedoraproject netapp CWE-252
5.5
5.5
2022-03-11 CVE-2022-0908 NULL Pointer Dereference vulnerability in multiple products
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
local
low complexity
libtiff debian fedoraproject netapp CWE-476
5.5
5.5
2022-03-11 CVE-2022-0909 Divide By Zero vulnerability in multiple products
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff debian fedoraproject netapp CWE-369
5.5
5.5
2022-03-11 CVE-2022-0924 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff debian fedoraproject netapp CWE-125
5.5
5.5
2022-03-11 CVE-2022-25601 Cross-site Scripting vulnerability in multiple products
Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4).
network
low complexity
plugin-planet fedoraproject CWE-79
6.1
6.1
2022-03-10 CVE-2021-44269 Out-of-bounds Read vulnerability in multiple products
An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files.
local
low complexity
wavpack fedoraproject CWE-125
5.5
5.5
2022-03-10 CVE-2021-4023 A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1.
local
low complexity
linux fedoraproject
4.9
4.9
2022-03-10 CVE-2021-4095 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context.
local
low complexity
linux fedoraproject CWE-476
5.5
5.5
2022-03-10 CVE-2022-0433 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter.
local
low complexity
linux fedoraproject CWE-476
5.5
5.5