Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-02 | CVE-2022-29154 | Improper Input Validation vulnerability in multiple products An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. | 7.4 |
| 2022-08-01 | CVE-2022-35922 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. | 7.5 |
| 2022-08-01 | CVE-2022-30698 | Insufficient Session Expiration vulnerability in multiple products NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. | 6.5 |
| 2022-08-01 | CVE-2022-30699 | Insufficient Session Expiration vulnerability in multiple products NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. | 6.5 |
| 2022-08-01 | CVE-2022-2509 | Double Free vulnerability in multiple products A vulnerability found in gnutls. | 7.5 |
| 2022-07-29 | CVE-2022-34526 | Out-of-bounds Write vulnerability in multiple products A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. | 6.5 |
| 2022-07-28 | CVE-2021-41556 | Out-of-bounds Read vulnerability in multiple products sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. | 10.0 |
| 2022-07-28 | CVE-2022-2553 | The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. | 6.5 |
| 2022-07-28 | CVE-2022-2163 | Use After Free vulnerability in multiple products Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. | 8.8 |
| 2022-07-28 | CVE-2022-2294 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |