Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-14 CVE-2022-0586 Infinite Loop vulnerability in multiple products
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-835
7.5
7.5
2022-02-14 CVE-2021-45444 In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument.
local
low complexity
zsh fedoraproject debian apple
7.8
7.8
2022-02-14 CVE-2022-0572 Out-of-bounds Write vulnerability in multiple products
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian apple CWE-787
7.8
7.8
2022-02-12 CVE-2022-0096 Use After Free vulnerability in multiple products
Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0098 Use After Free vulnerability in multiple products
Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0099 Use After Free vulnerability in multiple products
Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2022-02-12 CVE-2022-0100 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2022-02-12 CVE-2022-0101 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2022-02-12 CVE-2022-0102 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2022-02-12 CVE-2022-0103 Use After Free vulnerability in multiple products
Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8