Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  Security Vulnerabilities
CVE-2022-27404
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-04-22
CVE-2022-27405
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-04-22
CVE-2022-27406
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-22
CVE-2022-1420
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
CVSS Score
6.8
EPSS Score
0.001
Published
2022-04-21
CVE-2022-29536
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-20
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-04-20
CVE-2022-24675
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-04-20
CVE-2022-25648
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.
CVSS Score
8.1
EPSS Score
0.015
Published
2022-04-19
CVE-2022-29153
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.
CVSS Score
7.5
EPSS Score
0.857
Published
2022-04-19
CVE-2021-42778
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
CVSS Score
5.3
EPSS Score
0.004
Published
2022-04-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved