Vulnerabilities > Fedoraproject > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-04 | CVE-2022-27650 | Incorrect Default Permissions vulnerability in multiple products A flaw was found in crun where containers were incorrectly started with non-empty default permissions. | 7.5 |
2022-04-04 | CVE-2022-24801 | HTTP Request Smuggling vulnerability in multiple products Twisted is an event-based framework for internet applications, supporting Python 3.6+. | 8.1 |
2022-04-04 | CVE-2022-24785 | Path Traversal: 'dir/../../filename' vulnerability in multiple products Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. | 7.5 |
2022-04-03 | CVE-2022-28390 | Double Free vulnerability in multiple products ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. | 7.8 |
2022-04-01 | CVE-2021-3847 | Improper Preservation of Permissions vulnerability in multiple products An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. | 7.2 |
2022-03-30 | CVE-2022-24790 | HTTP Request Smuggling vulnerability in multiple products Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. | 7.5 |
2022-03-30 | CVE-2022-1160 | Heap-based Buffer Overflow vulnerability in multiple products heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. | 7.8 |
2022-03-30 | CVE-2022-1154 | Use After Free vulnerability in multiple products Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. | 7.8 |
2022-03-29 | CVE-2022-1055 | Use After Free vulnerability in multiple products A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. | 7.8 |
2022-03-26 | CVE-2022-27940 | Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | 7.8 |