Total
4367 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-4182 | 3 Fedoraproject, Oracle, Wireshark | 4 Fedora, Http Server, Zfs Storage Appliance Kit and 1 more | 2022-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-4181 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Http Server and 2 more | 2022-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0585 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2022-11-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0586 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2022-11-04 | 7.8 HIGH | 7.5 HIGH |
| Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0582 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2022-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0581 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2022-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-0583 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2022-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2021-4185 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Http Server and 2 more | 2022-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-1420 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-11-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. | |||||
| CVE-2022-1381 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-11-04 | 6.8 MEDIUM | 7.8 HIGH |
| global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution | |||||
| CVE-2021-42614 | 2 Fedoraproject, Halibut Project | 2 Fedora, Halibut | 2022-11-04 | 6.8 MEDIUM | 7.8 HIGH |
| A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. | |||||
| CVE-2021-42613 | 2 Fedoraproject, Halibut Project | 2 Fedora, Halibut | 2022-11-04 | 6.8 MEDIUM | 7.8 HIGH |
| A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. | |||||
| CVE-2021-42612 | 2 Fedoraproject, Halibut Project | 2 Fedora, Halibut | 2022-11-04 | 6.8 MEDIUM | 7.8 HIGH |
| A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. | |||||
| CVE-2021-45943 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Spatial And Graph and 1 more | 2022-11-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). | |||||
| CVE-2021-27815 | 2 Fedoraproject, Libexif Project | 2 Fedora, Exif | 2022-11-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash. | |||||
| CVE-2021-41159 | 2 Fedoraproject, Freerdp | 2 Fedora, Freerdp | 2022-11-04 | 6.8 MEDIUM | 8.8 HIGH |
| FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than /gt:rdp connections if possible or use a direct connection without a gateway. | |||||
| CVE-2016-7103 | 5 Fedoraproject, Jquery, Netapp and 2 more | 9 Fedora, Jquery Ui, Snapcenter and 6 more | 2022-11-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. | |||||
| CVE-2022-2795 | 3 Debian, Fedoraproject, Isc | 3 Debian Linux, Fedora, Bind | 2022-11-03 | N/A | 7.5 HIGH |
| By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. | |||||
| CVE-2021-45341 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Librecad | 2022-11-03 | 9.3 HIGH | 8.8 HIGH |
| A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. | |||||
| CVE-2021-28876 | 2 Fedoraproject, Rust-lang | 2 Fedora, Rust | 2022-11-03 | 4.3 MEDIUM | 5.3 MEDIUM |
| In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. | |||||