Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-28 CVE-2022-23598 laminas-form is a package for validating and displaying simple and complex forms.
network
low complexity
getlaminas fedoraproject
6.1
6.1
2022-01-26 CVE-2021-22570 NULL Pointer Dereference vulnerability in multiple products
Nullptr dereference when a null char is present in a proto symbol. 		5.5
5.5
2022-01-25 CVE-2022-23034 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled.
local
low complexity
xen fedoraproject debian CWE-191
5.5
5.5
2022-01-25 CVE-2022-23035 Incomplete Cleanup vulnerability in multiple products
Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device.
low complexity
xen fedoraproject debian CWE-459
4.6
4.6
2022-01-25 CVE-2021-45343 NULL Pointer Dereference vulnerability in multiple products
In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.
local
low complexity
librecad fedoraproject debian CWE-476
5.5
5.5
2022-01-20 CVE-2022-21658 Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency.
local
high complexity
rust-lang fedoraproject apple
6.3
6.3
2022-01-18 CVE-2022-21673 Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana fedoraproject
4.3
4.3
2022-01-16 CVE-2022-0238 phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)
network
low complexity
phoronix-media fedoraproject
4.3
4.3
2022-01-14 CVE-2021-46019 NULL Pointer Dereference vulnerability in multiple products
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-476
5.5
5.5
2022-01-14 CVE-2021-46021 Use After Free vulnerability in multiple products
An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-416
5.5
5.5