Vulnerabilities > Fedoraproject > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-09 | CVE-2022-24464 | .NET and Visual Studio Denial of Service Vulnerability | 7.5 |
2022-03-08 | CVE-2022-24713 | regex is an implementation of regular expressions for the Rust language. | 7.5 |
2022-03-06 | CVE-2022-26490 | Classic Buffer Overflow vulnerability in multiple products st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. | 7.8 |
2022-03-04 | CVE-2021-3656 | Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. | 8.8 |
2022-03-04 | CVE-2021-3737 | Infinite Loop vulnerability in multiple products A flaw was found in python. | 7.5 |
2022-03-04 | CVE-2021-3575 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. | 7.8 |
2022-03-04 | CVE-2021-23214 | SQL Injection vulnerability in multiple products When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. | 8.1 |
2022-03-04 | CVE-2021-3743 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. | 7.1 |
2022-03-03 | CVE-2021-3640 | Race Condition vulnerability in multiple products A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. | 7.0 |
2022-03-03 | CVE-2022-21716 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Twisted is an event-based framework for internet applications, supporting Python 3.6+. | 7.5 |