Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-24	CVE-2022-32209	Cross-site Scripting vulnerability in multiple products # Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. network low complexity rubyonrails fedoraproject debian CWE-79	6.1
2022-06-23	CVE-2022-2183	Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject	7.8
2022-06-23	CVE-2022-2182	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject	7.8
2022-06-23	CVE-2022-29526	Improper Privilege Management vulnerability in multiple products Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. network low complexity golang fedoraproject netapp CWE-269	5.3
2022-06-23	CVE-2022-33068	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. local low complexity harfbuzz-project fedoraproject CWE-190	5.5
2022-06-23	CVE-2022-33070	Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. local low complexity protobuf-c-project fedoraproject	5.5
2022-06-23	CVE-2022-2175	Out-of-bounds Read vulnerability in multiple products Buffer Over-read in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject CWE-125	7.8
2022-06-21	CVE-2022-2068	OS Command Injection vulnerability in multiple products In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. network low complexity openssl debian fedoraproject siemens netapp broadcom CWE-78 critical	9.8
2022-06-20	CVE-2022-1720	Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. local low complexity vim debian fedoraproject apple	7.8
2022-06-19	CVE-2022-2129	Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject debian	7.8

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject