Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-45059 HTTP Request Smuggling vulnerability in multiple products
An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. 		7.5
7.5
2022-11-09 CVE-2022-45060 An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. 7.5
7.5
2022-11-08 CVE-2022-39377 sysstat is a set of system performance tools for the Linux operating system.
local
low complexity
sysstat-project debian fedoraproject
7.8
7.8
2022-11-07 CVE-2022-42919 Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration.
local
low complexity
python fedoraproject
7.8
7.8
2022-11-06 CVE-2022-40284 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow was discovered in NTFS-3G before 2022.10.3.
local
low complexity
tuxera debian fedoraproject CWE-120
7.8
7.8
2022-11-03 CVE-2022-44638 Integer Overflow or Wraparound vulnerability in multiple products
In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.
network
low complexity
pixman debian fedoraproject CWE-190
8.8
8.8
2022-11-01 CVE-2022-42823 Type Confusion vulnerability in multiple products
A type confusion issue was addressed with improved memory handling.
network
low complexity
apple fedoraproject debian CWE-843
8.8
8.8
2022-11-01 CVE-2022-3602 Out-of-bounds Write vulnerability in multiple products
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking.
network
low complexity
openssl fedoraproject netapp nodejs CWE-787
7.5
7.5
2022-11-01 CVE-2022-3786 Classic Buffer Overflow vulnerability in multiple products
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking.
network
low complexity
openssl fedoraproject nodejs CWE-120
7.5
7.5
2022-11-01 CVE-2022-39369 phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server.
network
low complexity
apereo fedoraproject
8.0
8.0