Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-17 | CVE-2022-2849 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. | Fedora, Vim | 7.8 | ||
| 2022-08-17 | CVE-2022-2862 | Use After Free in GitHub repository vim/vim prior to 9.0.0221. | Fedora, Vim | 7.8 | ||
| 2022-08-17 | CVE-2020-14394 | An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. | Extra_packages_for_enterprise_linux, Fedora, Qemu, Enterprise_linux, Openstack_platform | 3.2 | ||
| 2022-08-17 | CVE-2022-2867 | libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. | Debian_linux, Fedora, Libtiff | 5.5 | ||
| 2022-08-17 | CVE-2022-2868 | libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. | Debian_linux, Fedora, Libtiff | 5.5 | ||
| 2022-08-17 | CVE-2022-2869 | libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. | Debian_linux, Fedora, Libtiff | 5.5 | ||
| 2022-08-18 | CVE-2022-37047 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940. | Tcpreplay, Fedora | 7.8 | ||
| 2022-08-18 | CVE-2022-37048 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941. | Tcpreplay, Fedora | 7.8 | ||
| 2022-08-18 | CVE-2022-37049 | The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942. | Tcpreplay, Fedora | 7.8 | ||
| 2022-08-19 | CVE-2022-2889 | Use After Free in GitHub repository vim/vim prior to 9.0.0225. | Fedora, Vim | 7.8 |