Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-26 CVE-2022-3048 Incorrect Authorization vulnerability in multiple products
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.
low complexity
google fedoraproject CWE-863
6.8
6.8
2022-09-26 CVE-2022-3053 Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
4.3
2022-09-26 CVE-2022-3054 Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
6.5
2022-09-26 CVE-2022-3056 Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content security policy via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
6.5
2022-09-26 CVE-2022-3057 Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
6.5
2022-09-26 CVE-2022-3201 Improper Input Validation vulnerability in multiple products
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-20
5.4
5.4
2022-09-23 CVE-2022-3278 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.
local
low complexity
vim fedoraproject
5.5
5.5
2022-09-21 CVE-2022-2795 By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
network
low complexity
isc debian fedoraproject
5.3
5.3
2022-09-20 CVE-2022-35957 Grafana is an open-source platform for monitoring and observability.
network
high complexity
grafana fedoraproject
6.6
6.6
2022-09-19 CVE-2022-3213 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow issue was found in ImageMagick.
local
low complexity
imagemagick fedoraproject CWE-787
5.5
5.5