Vulnerabilities > Fedoraproject > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-22 | CVE-2022-1941 | A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. | 7.5 |
2022-09-22 | CVE-2022-3256 | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0530. | 7.8 |
2022-09-21 | CVE-2022-38177 | Memory Leak vulnerability in multiple products By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. | 7.5 |
2022-09-21 | CVE-2022-38178 | Memory Leak vulnerability in multiple products By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. | 7.5 |
2022-09-21 | CVE-2022-3080 | By sending specific queries to the resolver, an attacker can cause named to crash. | 7.5 |
2022-09-20 | CVE-2022-32886 | Out-of-bounds Write vulnerability in multiple products A buffer overflow issue was addressed with improved memory handling. | 8.8 |
2022-09-20 | CVE-2022-39957 | Improper Encoding or Escaping of Output vulnerability in multiple products The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. | 7.5 |
2022-09-20 | CVE-2022-39958 | Improper Encoding or Escaping of Output vulnerability in multiple products The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range. | 7.5 |
2022-09-18 | CVE-2022-3235 | Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0490. | 7.8 |
2022-09-17 | CVE-2022-3234 | Heap-based Buffer Overflow vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. | 7.8 |