Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-28 CVE-2022-29869 Information Exposure Through Log Files vulnerability in multiple products
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.
network
low complexity
samba fedoraproject debian CWE-532
5.3
5.3
2022-04-27 CVE-2022-24736 Redis is an in-memory database that persists on disk.
local
low complexity
redis fedoraproject netapp oracle
5.5
5.5
2022-04-27 CVE-2022-1507 NULL Pointer Dereference vulnerability in multiple products
chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.
local
low complexity
chafa-project fedoraproject CWE-476
5.5
5.5
2022-04-25 CVE-2022-28506 Out-of-bounds Write vulnerability in multiple products
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
local
low complexity
giflib-project fedoraproject CWE-787
5.5
5.5
2022-04-21 CVE-2022-1420 Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
local
low complexity
vim fedoraproject apple
5.5
5.5
2022-04-18 CVE-2021-42778 Double Free vulnerability in multiple products
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
network
low complexity
opensc-project fedoraproject redhat CWE-415
5.3
5.3
2022-04-18 CVE-2021-42779 Use After Free vulnerability in multiple products
A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
network
low complexity
opensc-project fedoraproject redhat CWE-416
5.3
5.3
2022-04-18 CVE-2021-42780 Unchecked Return Value vulnerability in multiple products
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
network
low complexity
opensc-project fedoraproject redhat CWE-252
5.3
5.3
2022-04-18 CVE-2021-42781 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
network
low complexity
opensc-project fedoraproject redhat CWE-787
5.3
5.3
2022-04-18 CVE-2021-42782 Out-of-bounds Write vulnerability in multiple products
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
network
low complexity
opensc-project fedoraproject CWE-787
5.3
5.3