Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2022-10-17 CVE-2022-41751 OS Command Injection vulnerability in multiple products
Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.
local
low complexity
jhead-project fedoraproject debian CWE-78
7.8
7.8
2022-10-17 CVE-2022-3165 An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format.
network
low complexity
qemu fedoraproject
6.5
6.5
2022-10-17 CVE-2022-3550 A vulnerability classified as critical was found in X.org Server.
network
low complexity
x-org debian fedoraproject
8.8
8.8
2022-10-17 CVE-2022-3551 A vulnerability, which was classified as problematic, has been found in X.org Server.
network
low complexity
x-org debian fedoraproject
6.5
6.5
2022-10-14 CVE-2022-2850 NULL Pointer Dereference vulnerability in multiple products
A flaw was found In 389-ds-base.
network
low complexity
redhat fedoraproject port389 debian CWE-476
6.5
6.5
2022-10-14 CVE-2022-2963 Memory Leak vulnerability in multiple products
A vulnerability found in jasper.
network
low complexity
jasper-project fedoraproject redhat CWE-401
7.5
7.5
2022-10-14 CVE-2022-41674 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.19.16. 		8.1
8.1
2022-10-14 CVE-2022-42720 Use After Free vulnerability in multiple products
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
local
low complexity
linux fedoraproject debian CWE-416
7.8
7.8
2022-10-14 CVE-2022-42721 Infinite Loop vulnerability in multiple products
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
local
low complexity
linux fedoraproject debian CWE-835
5.5
5.5
2022-10-14 CVE-2022-42722 NULL Pointer Dereference vulnerability in multiple products
In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.
local
low complexity
linux fedoraproject debian CWE-476
5.5
5.5