Vulnerabilities > Fedoraproject > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-11 | CVE-2022-0561 | NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. | 5.5 |
2022-02-11 | CVE-2022-0562 | NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. | 5.5 |
2022-02-09 | CVE-2022-0529 | Out-of-bounds Write vulnerability in multiple products A flaw was found in Unzip. | 5.5 |
2022-02-09 | CVE-2022-0530 | A flaw was found in Unzip. | 5.5 |
2022-02-08 | CVE-2022-21713 | Authorization Bypass Through User-Controlled Key vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 4.3 |
2022-02-08 | CVE-2022-21702 | Cross-site Scripting vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 5.4 |
2022-02-04 | CVE-2021-40403 | An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. | 6.3 |
2022-02-03 | CVE-2022-22818 | Cross-site Scripting vulnerability in multiple products The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. | 6.1 |
2022-02-01 | CVE-2022-0419 | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0. | 5.5 |
2022-02-01 | CVE-2021-46661 | MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE). | 5.5 |