Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-08 | CVE-2022-4123 | Path Traversal vulnerability in multiple products A flaw was found in Buildah. | 3.3 |
| 2022-12-06 | CVE-2022-24439 | Improper Input Validation vulnerability in multiple products All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. | 9.8 |
| 2022-12-04 | CVE-2022-46391 | Cross-site Scripting vulnerability in multiple products AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. | 6.1 |
| 2022-11-30 | CVE-2022-46149 | Cap'n Proto is a data interchange format and remote procedure call (RPC) system. | 5.4 |
| 2022-11-29 | CVE-2022-4144 | An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. | 6.5 |
| 2022-11-29 | CVE-2022-4172 | An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. | 6.5 |
| 2022-11-28 | CVE-2022-4129 | Improper Locking vulnerability in multiple products A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). | 5.5 |
| 2022-11-28 | CVE-2022-45939 | OS Command Injection vulnerability in multiple products GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. | 7.8 |
| 2022-11-27 | CVE-2022-45934 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Linux kernel through 6.0.10. | 7.8 |
| 2022-11-25 | CVE-2022-39346 | Nextcloud server is an open source personal cloud server. | 6.5 |