Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2022-05-06 CVE-2022-1053 Improper Input Validation vulnerability in multiple products
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote.
network
low complexity
keylime fedoraproject CWE-20
critical
 9.1
9.1
2022-05-06 CVE-2022-24884 Improper Verification of Cryptographic Signature vulnerability in multiple products
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). 		7.5
7.5
2022-05-06 CVE-2022-24903 Improper Validation of Specified Quantity in Input vulnerability in multiple products
Rsyslog is a rocket-fast system for log processing.
network
high complexity
rsyslog fedoraproject debian netapp CWE-1284
8.1
8.1
2022-05-05 CVE-2022-27337 A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
network
low complexity
freedesktop fedoraproject debian
6.5
6.5
2022-05-05 CVE-2022-29500 SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
network
low complexity
schedmd fedoraproject debian
8.8
8.8
2022-05-05 CVE-2022-29501 SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
network
low complexity
schedmd fedoraproject debian
8.8
8.8
2022-05-05 CVE-2022-29502 SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges.
network
low complexity
schedmd fedoraproject
critical
 9.8
9.8
2022-05-04 CVE-2022-30292 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.
network
low complexity
squirrel-lang fedoraproject CWE-787
critical
 10.0
10
2022-05-04 CVE-2022-20770 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco fedoraproject debian
7.5
7.5
2022-05-04 CVE-2022-20771 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco fedoraproject debian
7.5
7.5