Vulnerabilities > Fedoraproject > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-13 | CVE-2022-23133 | Cross-site Scripting vulnerability in multiple products An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. | 5.4 |
| 2022-01-13 | CVE-2022-23134 | Improper Authentication vulnerability in multiple products After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. | 5.3 |
| 2022-01-11 | CVE-2022-0173 | Out-of-bounds Read vulnerability in multiple products radare2 is vulnerable to Out-of-bounds Read | 5.5 |
| 2022-01-11 | CVE-2021-44647 | Type Confusion vulnerability in multiple products Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service. | 5.5 |
| 2022-01-10 | CVE-2022-0156 | vim is vulnerable to Use After Free | 5.5 |
| 2022-01-10 | CVE-2022-0157 | Cross-site Scripting vulnerability in multiple products phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 5.4 |
| 2022-01-06 | CVE-2021-46141 | Use After Free vulnerability in multiple products An issue was discovered in uriparser before 0.9.6. | 5.5 |
| 2022-01-06 | CVE-2021-46142 | Use After Free vulnerability in multiple products An issue was discovered in uriparser before 0.9.6. | 5.5 |
| 2022-01-05 | CVE-2021-45452 | Path Traversal vulnerability in multiple products Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. | 5.3 |
| 2022-01-01 | CVE-2021-45930 | Out-of-bounds Write vulnerability in multiple products Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect). | 5.5 |