Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Extra_packages_for_enterprise_linux
(Fedoraproject)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 76 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-04-26 | CVE-2022-24882 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds. | Extra_packages_for_enterprise_linux, Fedora, Freerdp | 7.5 | ||
| 2022-06-16 | CVE-2022-32545 | A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. | Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux | 7.8 | ||
| 2022-06-16 | CVE-2022-32546 | A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. | Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux | 7.8 | ||
| 2022-07-28 | CVE-2022-2158 | Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Extra_packages_for_enterprise_linux, Fedora, Chrome | 8.8 | ||
| 2022-07-28 | CVE-2022-2163 | Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. | Extra_packages_for_enterprise_linux, Fedora, Chrome | 8.8 | ||
| 2022-07-28 | CVE-2022-2295 | Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Extra_packages_for_enterprise_linux, Fedora, Chrome | 8.8 | ||
| 2022-07-28 | CVE-2022-2296 | Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. | Extra_packages_for_enterprise_linux, Fedora, Chrome | 8.8 | ||
| 2022-08-10 | CVE-2022-2719 | In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30. | Extra_packages_for_enterprise_linux, Fedora, Imagemagick | 5.5 | ||
| 2022-08-17 | CVE-2020-14394 | An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. | Extra_packages_for_enterprise_linux, Fedora, Qemu, Enterprise_linux, Openstack_platform | 3.2 | ||
| 2022-08-29 | CVE-2022-0367 | A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Libmodbus | 7.8 |