Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-01 CVE-2022-42322 Memory Leak vulnerability in multiple products
Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-11-01 CVE-2022-42323 Memory Leak vulnerability in multiple products
Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-11-01 CVE-2022-42324 Incorrect Conversion between Numeric Types vulnerability in multiple products
Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision.
local
low complexity
xen debian fedoraproject CWE-681
5.5
5.5
2022-11-01 CVE-2022-42325 Memory Leak vulnerability in multiple products
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-11-01 CVE-2022-42326 Memory Leak vulnerability in multiple products
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-10-30 CVE-2022-44020 Improper Preservation of Permissions vulnerability in multiple products
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2.
local
low complexity
opendev fedoraproject CWE-281
5.5
5.5
2022-10-19 CVE-2022-39253 Link Following vulnerability in multiple products
Git is an open source, scalable, distributed revision control system.
local
low complexity
git-scm fedoraproject apple debian CWE-59
5.5
5.5
2022-10-18 CVE-2020-15853 Unspecified vulnerability in Fedoraproject Supybot-Fedora
supybot-fedora implements the command 'refresh', that refreshes the cache of all users from FAS.
network
low complexity
fedoraproject
5.3
5.3
2022-10-17 CVE-2022-3165 An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format.
network
low complexity
qemu fedoraproject
6.5
6.5
2022-10-17 CVE-2022-3551 A vulnerability, which was classified as problematic, has been found in X.org Server.
network
low complexity
x-org debian fedoraproject
6.5
6.5