Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-03-09 | CVE-2022-24917 | An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. | Debian_linux, Fedora, Frontend | 4.4 | ||
2022-03-09 | CVE-2022-24918 | An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. | Fedora, Frontend | 4.4 | ||
2022-03-09 | CVE-2022-24919 | An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. | Debian_linux, Fedora, Frontend | 4.4 | ||
2022-03-10 | CVE-2021-32434 | abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. | Abcm2ps, Debian_linux, Fedora | 5.5 | ||
2022-03-10 | CVE-2021-32435 | Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | Abcm2ps, Debian_linux, Fedora | 5.5 | ||
2022-03-10 | CVE-2021-32436 | An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | Abcm2ps, Debian_linux, Fedora | 6.5 | ||
2022-03-10 | CVE-2021-34338 | Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | Fedora, Ming | 6.5 | ||
2022-03-10 | CVE-2021-34339 | Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | Fedora, Ming | 6.5 | ||
2022-03-10 | CVE-2021-34340 | Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service. | Fedora, Ming | 6.5 | ||
2022-03-10 | CVE-2021-44269 | An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound. | Fedora, Wavpack | 5.5 |