Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Fedoraproject Subscribe
Filtered by product Fedora
Total 5075 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2257 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2231 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
CVE-2022-2210 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-2208 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
CVE-2022-2207 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 6.8 MEDIUM 7.8 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-2206 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2183 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2182 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 6.8 MEDIUM 7.8 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-2175 2 Fedoraproject, Vim 2 Fedora, Vim 2023-11-07 6.8 MEDIUM 7.8 HIGH
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVE-2022-2165 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 N/A 4.3 MEDIUM
Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2022-2164 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 N/A 6.3 MEDIUM
Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page.
CVE-2022-2163 2 Fedoraproject, Google 3 Extra Packages For Enterprise Linux, Fedora, Chrome 2023-11-07 N/A 8.8 HIGH
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
CVE-2022-2162 3 Fedoraproject, Google, Microsoft 3 Fedora, Chrome, Windows 2023-11-07 N/A 8.8 HIGH
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page.
CVE-2022-2161 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 N/A 8.8 HIGH
Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
CVE-2022-2160 3 Fedoraproject, Google, Microsoft 3 Fedora, Chrome, Windows 2023-11-07 N/A 6.5 MEDIUM
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
CVE-2022-2158 2 Fedoraproject, Google 3 Extra Packages For Enterprise Linux, Fedora, Chrome 2023-11-07 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2157 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 N/A 8.8 HIGH
Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2156 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 N/A 8.8 HIGH
Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2132 4 Debian, Dpdk, Fedoraproject and 1 more 8 Debian Linux, Data Plane Development Kit, Fedora and 5 more 2023-11-07 N/A 8.6 HIGH
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
CVE-2022-2129 3 Debian, Fedoraproject, Vim 3 Debian Linux, Fedora, Vim 2023-11-07 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.