Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2022-23035 | Incomplete Cleanup vulnerability in multiple products Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. | 4.6 |
| 2022-01-25 | CVE-2021-45342 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. | 7.8 |
| 2022-01-25 | CVE-2021-45343 | NULL Pointer Dereference vulnerability in multiple products In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document. | 5.5 |
| 2022-01-25 | CVE-2021-45341 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. | 8.8 |
| 2022-01-20 | CVE-2021-45417 | Out-of-bounds Write vulnerability in multiple products AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. local low complexity advanced-intrusion-detection-environment-project redhat fedoraproject canonical debian CWE-787 | 7.8 |
| 2022-01-20 | CVE-2022-21658 | Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. | 6.3 |
| 2022-01-19 | CVE-2022-21699 | IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. | 8.8 |
| 2022-01-18 | CVE-2022-21673 | Grafana is an open-source platform for monitoring and observability. | 4.3 |
| 2022-01-17 | CVE-2022-23303 | Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. | 9.8 |
| 2022-01-17 | CVE-2022-23304 | Information Exposure Through Discrepancy vulnerability in multiple products The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. | 9.8 |