Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2022-08-23 CVE-2022-25761 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.
network
low complexity
open62541 fedoraproject CWE-770
7.5
7.5
2022-08-23 CVE-2021-28861 Open Redirect vulnerability in multiple products
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure.
network
low complexity
python fedoraproject CWE-601
7.4
7.4
2022-08-22 CVE-2022-2923 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
local
low complexity
vim fedoraproject
5.5
5.5
2022-08-22 CVE-2021-3659 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection.
local
low complexity
linux fedoraproject redhat CWE-476
5.5
5.5
2022-08-22 CVE-2022-2873 Incorrect Calculation of Buffer Size vulnerability in multiple products
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. 		5.5
5.5
2022-08-19 CVE-2022-2889 Use After Free in GitHub repository vim/vim prior to 9.0.0225.
local
low complexity
vim fedoraproject
7.8
7.8
2022-08-18 CVE-2022-37047 Out-of-bounds Write vulnerability in multiple products
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713.
local
low complexity
broadcom fedoraproject CWE-787
7.8
7.8
2022-08-18 CVE-2022-37048 Out-of-bounds Write vulnerability in multiple products
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344.
local
low complexity
broadcom fedoraproject CWE-787
7.8
7.8
2022-08-18 CVE-2022-37049 Out-of-bounds Write vulnerability in multiple products
The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150.
local
low complexity
broadcom fedoraproject CWE-787
7.8
7.8
2022-08-18 CVE-2022-2625 A vulnerability was found in PostgreSQL.
network
low complexity
postgresql fedoraproject redhat
8.0
8.0