Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Fedoraproject Subscribe
Total 4434 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0582 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-11-04 7.5 HIGH 9.8 CRITICAL
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
CVE-2022-0581 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-11-04 5.0 MEDIUM 7.5 HIGH
Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
CVE-2022-0583 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-11-04 5.0 MEDIUM 7.5 HIGH
Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
CVE-2021-4185 4 Debian, Fedoraproject, Oracle and 1 more 5 Debian Linux, Fedora, Http Server and 2 more 2022-11-04 5.0 MEDIUM 7.5 HIGH
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVE-2022-1420 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2022-11-04 4.3 MEDIUM 5.5 MEDIUM
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
CVE-2022-1381 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2022-11-04 6.8 MEDIUM 7.8 HIGH
global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVE-2021-42614 2 Fedoraproject, Halibut Project 2 Fedora, Halibut 2022-11-04 6.8 MEDIUM 7.8 HIGH
A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.
CVE-2021-42612 2 Fedoraproject, Halibut Project 2 Fedora, Halibut 2022-11-04 6.8 MEDIUM 7.8 HIGH
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
CVE-2021-42613 2 Fedoraproject, Halibut Project 2 Fedora, Halibut 2022-11-04 6.8 MEDIUM 7.8 HIGH
A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document.
CVE-2021-45943 4 Debian, Fedoraproject, Oracle and 1 more 4 Debian Linux, Fedora, Spatial And Graph and 1 more 2022-11-04 4.3 MEDIUM 5.5 MEDIUM
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
CVE-2021-41159 2 Fedoraproject, Freerdp 2 Fedora, Freerdp 2022-11-04 6.8 MEDIUM 8.8 HIGH
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than /gt:rdp connections if possible or use a direct connection without a gateway.
CVE-2021-27815 2 Fedoraproject, Libexif Project 2 Fedora, Exif 2022-11-04 4.3 MEDIUM 5.5 MEDIUM
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.
CVE-2016-7103 5 Fedoraproject, Jquery, Netapp and 2 more 9 Fedora, Jquery Ui, Snapcenter and 6 more 2022-11-03 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CVE-2022-2795 3 Debian, Fedoraproject, Isc 3 Debian Linux, Fedora, Bind 2022-11-03 N/A 7.5 HIGH
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
CVE-2021-45341 3 Debian, Fedoraproject, Librecad 3 Debian Linux, Fedora, Librecad 2022-11-03 9.3 HIGH 8.8 HIGH
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
CVE-2021-28876 2 Fedoraproject, Rust-lang 2 Fedora, Rust 2022-11-03 4.3 MEDIUM 5.3 MEDIUM
In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.
CVE-2019-25013 5 Broadcom, Debian, Fedoraproject and 2 more 10 Fabric Operating System, Debian Linux, Fedora and 7 more 2022-11-03 7.1 HIGH 5.9 MEDIUM
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
CVE-2021-28878 2 Fedoraproject, Rust-lang 2 Fedora, Rust 2022-11-03 4.3 MEDIUM 7.5 HIGH
In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.
CVE-2021-31162 2 Fedoraproject, Rust-lang 2 Fedora, Rust 2022-11-03 7.5 HIGH 9.8 CRITICAL
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
CVE-2021-28879 2 Fedoraproject, Rust-lang 2 Fedora, Rust 2022-11-03 7.5 HIGH 9.8 CRITICAL
In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.