Total
5294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0367 | 3 Debian, Fedoraproject, Libmodbus | 4 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
| A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. | |||||
| CVE-2022-0336 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-11-21 | N/A | 8.8 HIGH |
| The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. | |||||
| CVE-2022-0330 | 4 Fedoraproject, Linux, Netapp and 1 more | 46 Fedora, Linux Kernel, H300e and 43 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. | |||||
| CVE-2022-0322 | 3 Fedoraproject, Linux, Oracle | 5 Fedora, Linux Kernel, Communications Cloud Native Core Binding Support Function and 2 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS). | |||||
| CVE-2022-0238 | 2 Fedoraproject, Phoronix-media | 2 Fedora, Phoronix Test Suite | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2022-0216 | 2 Fedoraproject, Qemu | 2 Fedora, Qemu | 2024-11-21 | N/A | 4.4 MEDIUM |
| A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service. | |||||
| CVE-2022-0204 | 3 Bluez, Debian, Fedoraproject | 3 Bluez, Debian Linux, Fedora | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | |||||
| CVE-2022-0197 | 2 Fedoraproject, Phoronix-media | 2 Fedora, Phoronix Test Suite | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2022-0196 | 2 Fedoraproject, Phoronix-media | 2 Fedora, Phoronix Test Suite | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2022-0173 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| radare2 is vulnerable to Out-of-bounds Read | |||||
| CVE-2022-0158 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| vim is vulnerable to Heap-based Buffer Overflow | |||||
| CVE-2022-0157 | 2 Fedoraproject, Phoronix-media | 2 Fedora, Phoronix Test Suite | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2022-0156 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| vim is vulnerable to Use After Free | |||||
| CVE-2022-0120 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website. | |||||
| CVE-2022-0118 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-0117 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-0116 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-0115 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2022-0114 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver. | |||||
| CVE-2022-0113 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||