Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2022-01-16 CVE-2022-0238 phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)
network
low complexity
phoronix-media fedoraproject
4.3
4.3
2022-01-15 CVE-2021-44537 Injection vulnerability in multiple products
ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.
local
low complexity
owncloud fedoraproject CWE-74
7.8
7.8
2022-01-15 CVE-2022-23094 NULL Pointer Dereference vulnerability in multiple products
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists.
network
low complexity
libreswan fedoraproject debian CWE-476
7.5
7.5
2022-01-14 CVE-2021-46019 NULL Pointer Dereference vulnerability in multiple products
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-476
5.5
5.5
2022-01-14 CVE-2021-46021 Use After Free vulnerability in multiple products
An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-416
5.5
5.5
2022-01-14 CVE-2021-46022 Use After Free vulnerability in multiple products
An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-416
5.5
5.5
2022-01-14 CVE-2022-21680 Marked is a markdown parser and compiler.
network
low complexity
marked-project fedoraproject
7.5
7.5
2022-01-14 CVE-2022-21681 Marked is a markdown parser and compiler.
network
low complexity
marked-project fedoraproject
7.5
7.5
2022-01-14 CVE-2022-23222 NULL Pointer Dereference vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
local
low complexity
linux debian netapp fedoraproject CWE-476
7.8
7.8
2022-01-13 CVE-2022-21682 Path Traversal vulnerability in multiple products
Flatpak is a Linux application sandboxing and distribution framework.
network
low complexity
flatpak fedoraproject redhat debian CWE-22
6.5
6.5