Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-26 CVE-2022-30786 Out-of-bounds Write vulnerability in multiple products
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
local
low complexity
tuxera fedoraproject debian CWE-787
7.8
7.8
2022-05-26 CVE-2022-30788 Out-of-bounds Write vulnerability in multiple products
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
local
low complexity
tuxera fedoraproject debian CWE-787
7.8
7.8
2022-05-26 CVE-2022-30789 Out-of-bounds Write vulnerability in multiple products
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
local
low complexity
tuxera debian fedoraproject CWE-787
7.8
7.8
2022-05-26 CVE-2022-1886 Heap-based Buffer Overflow vulnerability in multiple products
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject CWE-122
7.8
7.8
2022-05-25 CVE-2022-1851 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple CWE-125
7.8
7.8
2022-05-24 CVE-2021-42612 Use After Free vulnerability in multiple products
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
local
low complexity
halibut-project fedoraproject CWE-416
7.8
7.8
2022-05-24 CVE-2021-42613 Double Free vulnerability in multiple products
A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document.
local
low complexity
halibut-project fedoraproject CWE-415
7.8
7.8
2022-05-24 CVE-2021-42614 Use After Free vulnerability in multiple products
A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.
local
low complexity
halibut-project fedoraproject CWE-416
7.8
7.8
2022-05-24 CVE-2022-29217 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
PyJWT is a Python implementation of RFC 7519.
network
low complexity
pyjwt-project fedoraproject CWE-327
7.5
7.5
2022-05-24 CVE-2022-29221 Code Injection vulnerability in multiple products
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian fedoraproject CWE-94
8.8
8.8