Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2022-09-26 CVE-2022-3197 Use After Free vulnerability in multiple products
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-09-26 CVE-2022-3198 Use After Free vulnerability in multiple products
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-09-26 CVE-2022-3199 Use After Free vulnerability in multiple products
Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-09-26 CVE-2022-3200 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2022-09-26 CVE-2022-3201 Improper Input Validation vulnerability in multiple products
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-20
5.4
5.4
2022-09-26 CVE-2022-3204 Resource Exhaustion vulnerability in multiple products
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software.
network
low complexity
nlnetlabs fedoraproject CWE-400
7.5
7.5
2022-09-26 CVE-2022-21797 The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
network
low complexity
joblib-project fedoraproject debian
critical
 9.8
9.8
2022-09-25 CVE-2022-3297 Use After Free in GitHub repository vim/vim prior to 9.0.0579.
local
low complexity
vim fedoraproject
7.8
7.8
2022-09-25 CVE-2022-3296 Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.
local
low complexity
vim fedoraproject
7.8
7.8
2022-09-23 CVE-2022-3278 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.
local
low complexity
vim fedoraproject
5.5
5.5