Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-01 CVE-2022-32743 Incorrect Default Permissions vulnerability in multiple products
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
network
low complexity
samba fedoraproject CWE-276
7.5
7.5
2022-08-31 CVE-2022-2132 A permissive list of allowed inputs flaw was found in DPDK.
network
low complexity
dpdk fedoraproject debian redhat
8.6
8.6
2022-08-31 CVE-2022-3028 Out-of-bounds Write vulnerability in multiple products
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously.
local
high complexity
linux fedoraproject debian CWE-787
7.0
7.0
2022-08-30 CVE-2022-3037 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 9.0.0322.
local
low complexity
vim fedoraproject CWE-416
7.8
7.8
2022-08-30 CVE-2022-38784 Integer Overflow or Wraparound vulnerability in multiple products
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc).
local
low complexity
freedesktop debian fedoraproject CWE-190
7.8
7.8
2022-08-29 CVE-2022-0336 Incorrect Default Permissions vulnerability in multiple products
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database.
network
low complexity
samba fedoraproject CWE-276
8.8
8.8
2022-08-29 CVE-2022-0367 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.
local
low complexity
libmodbus fedoraproject debian CWE-787
7.8
7.8
2022-08-29 CVE-2022-2961 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function.
local
high complexity
linux fedoraproject netapp CWE-362
7.0
7.0
2022-08-28 CVE-2022-3016 Use After Free vulnerability in multiple products
Use After Free in GitHub repository vim/vim prior to 9.0.0286.
local
low complexity
vim fedoraproject CWE-416
7.8
7.8
2022-08-25 CVE-2021-3929 Use After Free vulnerability in multiple products
A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU.
local
low complexity
qemu fedoraproject CWE-416
8.2
8.2