Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2022-21339 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
| 2022-01-18 | CVE-2022-21673 | Grafana is an open-source platform for monitoring and observability. | 4.3 |
| 2022-01-16 | CVE-2022-0238 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
| 2022-01-14 | CVE-2021-46019 | NULL Pointer Dereference vulnerability in multiple products An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | 5.5 |
| 2022-01-14 | CVE-2021-46021 | Use After Free vulnerability in multiple products An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | 5.5 |
| 2022-01-14 | CVE-2021-46022 | Use After Free vulnerability in multiple products An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | 5.5 |
| 2022-01-13 | CVE-2022-21682 | Path Traversal vulnerability in multiple products Flatpak is a Linux application sandboxing and distribution framework. | 6.5 |
| 2022-01-13 | CVE-2022-23133 | Cross-site Scripting vulnerability in multiple products An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. | 5.4 |
| 2022-01-13 | CVE-2022-23134 | Improper Authentication vulnerability in multiple products After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. | 5.3 |
| 2022-01-11 | CVE-2022-0173 | Out-of-bounds Read vulnerability in multiple products radare2 is vulnerable to Out-of-bounds Read | 5.5 |