Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-10 CVE-2023-22911 Cross-site Scripting vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1.
network
low complexity
mediawiki fedoraproject CWE-79
6.1
6.1
2022-12-15 CVE-2022-46392 Information Exposure Through Discrepancy vulnerability in multiple products
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
network
high complexity
arm fedoraproject CWE-203
5.3
5.3
2022-12-08 CVE-2022-41717 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests.
network
low complexity
golang fedoraproject CWE-770
5.3
5.3
2022-12-08 CVE-2022-4122 A vulnerability was found in buildah.
network
low complexity
podman-project fedoraproject
5.3
5.3
2022-12-04 CVE-2022-46391 Cross-site Scripting vulnerability in multiple products
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.
network
low complexity
awstats debian fedoraproject CWE-79
6.1
6.1
2022-11-30 CVE-2022-46149 Cap'n Proto is a data interchange format and remote procedure call (RPC) system.
network
low complexity
capnproto fedoraproject
5.4
5.4
2022-11-29 CVE-2022-4144 An out-of-bounds read flaw was found in the QXL display device emulation in QEMU.
local
low complexity
qemu fedoraproject redhat
6.5
6.5
2022-11-29 CVE-2022-4172 An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions.
local
low complexity
qemu fedoraproject
6.5
6.5
2022-11-28 CVE-2022-4129 Improper Locking vulnerability in multiple products
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP).
local
low complexity
linux fedoraproject CWE-667
5.5
5.5
2022-11-25 CVE-2022-39346 Nextcloud server is an open source personal cloud server.
network
low complexity
nextcloud fedoraproject
6.5
6.5