VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Fedoraproject
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-03-25
CVE-2018-25032
Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
network
low complexity
nokogiri
zlib
debian
fedoraproject
apple
python
mariadb
netapp
siemens
azul
goto
CWE-787
7.5
7.5
2022-03-23
CVE-2021-3618
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates.
network
high complexity
f5
sendmail
vsftpd-project
fedoraproject
debian
7.4
7.4
2022-03-23
CVE-2021-3748
Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the virtio-net device of QEMU.
local
high complexity
qemu
debian
canonical
fedoraproject
redhat
CWE-416
7.5
7.5
2022-03-23
CVE-2022-27666
Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c.
local
low complexity
linux
fedoraproject
redhat
netapp
debian
CWE-787
7.8
7.8
2022-03-18
CVE-2022-1011
Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write().
local
low complexity
linux
fedoraproject
redhat
netapp
debian
oracle
CWE-416
7.8
7.8
2022-03-18
CVE-2022-27191
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
network
low complexity
golang
fedoraproject
redhat
7.5
7.5
2022-03-16
CVE-2022-24729
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor
drupal
oracle
fedoraproject
7.5
7.5
2022-03-15
CVE-2021-45848
Improper Encoding or Escaping of Output vulnerability in multiple products
Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character.
network
low complexity
nicotine-plus
fedoraproject
CWE-116
7.5
7.5
2022-03-15
CVE-2022-0778
Infinite Loop vulnerability in multiple products
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.
network
low complexity
openssl
debian
netapp
fedoraproject
tenable
mariadb
nodejs
CWE-835
7.5
7.5
2022-03-14
CVE-2022-0943
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.
local
low complexity
vim
fedoraproject
debian
apple
7.8
7.8
«
Previous
1
2
...
66
67
68
(current)
69
70
...
221
222
»
Next