Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-29 | CVE-2022-35020 | Out-of-bounds Write vulnerability in multiple products Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc. | 5.5 |
| 2022-08-28 | CVE-2022-3016 | Use After Free in GitHub repository vim/vim prior to 9.0.0286. | 7.8 |
| 2022-08-27 | CVE-2022-38791 | Improper Locking vulnerability in multiple products In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock. | 5.5 |
| 2022-08-26 | CVE-2022-0216 | A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. | 4.4 |
| 2022-08-26 | CVE-2021-3574 | Memory Leak vulnerability in multiple products A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. | 3.3 |
| 2022-08-26 | CVE-2021-3669 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. | 5.5 |
| 2022-08-26 | CVE-2022-38533 | Out-of-bounds Write vulnerability in multiple products In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | 5.5 |
| 2022-08-25 | CVE-2021-35937 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A race condition vulnerability was found in rpm. | 6.4 |
| 2022-08-25 | CVE-2021-35938 | Link Following vulnerability in multiple products A symbolic link issue was found in rpm. | 6.7 |
| 2022-08-25 | CVE-2021-3929 | Use After Free vulnerability in multiple products A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. | 8.2 |