Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-01 CVE-2022-42325 Memory Leak vulnerability in multiple products
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-11-01 CVE-2022-42326 Memory Leak vulnerability in multiple products
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-10-30 CVE-2022-44020 Improper Preservation of Permissions vulnerability in multiple products
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2.
local
low complexity
opendev fedoraproject CWE-281
5.5
5.5
2022-10-19 CVE-2022-39253 Link Following vulnerability in multiple products
Git is an open source, scalable, distributed revision control system.
local
low complexity
git-scm fedoraproject apple debian CWE-59
5.5
5.5
2022-10-18 CVE-2020-15853 Unspecified vulnerability in Fedoraproject Supybot-Fedora
supybot-fedora implements the command 'refresh', that refreshes the cache of all users from FAS.
network
low complexity
fedoraproject
5.3
5.3
2022-10-17 CVE-2022-3165 An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format.
network
low complexity
qemu fedoraproject
6.5
6.5
2022-10-17 CVE-2022-3551 A vulnerability, which was classified as problematic, has been found in X.org Server.
network
low complexity
x-org debian fedoraproject
6.5
6.5
2022-10-14 CVE-2022-2850 NULL Pointer Dereference vulnerability in multiple products
A flaw was found In 389-ds-base.
network
low complexity
redhat fedoraproject port389 debian CWE-476
6.5
6.5
2022-10-14 CVE-2022-42721 Infinite Loop vulnerability in multiple products
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
local
low complexity
linux fedoraproject debian CWE-835
5.5
5.5
2022-10-14 CVE-2022-42722 NULL Pointer Dereference vulnerability in multiple products
In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.
local
low complexity
linux fedoraproject debian CWE-476
5.5
5.5