Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2022-07-05 CVE-2022-33742 Information Exposure vulnerability in multiple products
Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
local
low complexity
fedoraproject debian linux xen CWE-200
7.1
7.1
2022-07-05 CVE-2022-2097 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. 		5.3
5.3
2022-07-05 CVE-2022-2309 NULL Pointer Dereference allows attackers to cause a denial of service (or application crash).
network
low complexity
lxml fedoraproject
7.5
7.5
2022-07-03 CVE-2022-2289 Use After Free in GitHub repository vim/vim prior to 9.0.
local
low complexity
vim fedoraproject
7.8
7.8
2022-07-03 CVE-2022-2288 Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
local
low complexity
vim fedoraproject
7.8
7.8
2022-07-02 CVE-2022-2287 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
local
low complexity
vim fedoraproject
7.1
7.1
2022-07-02 CVE-2022-34911 Cross-site Scripting vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1.
network
low complexity
mediawiki fedoraproject CWE-79
6.1
6.1
2022-07-02 CVE-2022-34912 An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1.
network
low complexity
mediawiki fedoraproject
6.1
6.1
2022-07-02 CVE-2022-2286 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
local
low complexity
vim fedoraproject
7.8
7.8
2022-07-02 CVE-2022-2285 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
local
low complexity
vim fedoraproject debian
7.8
7.8