Fedoraproject: >> Fedora Security Vulnerabilities
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-01
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).
CVSS Score
6.5
EPSS Score
0.008
Published
2022-01-01
UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.
CVSS Score
5.5
EPSS Score
0.003
Published
2022-01-01
vim is vulnerable to Out-of-bounds Read
CVSS Score
5.5
EPSS Score
0.006
Published
2021-12-31
vim is vulnerable to Use After Free
CVSS Score
5.5
EPSS Score
0.006
Published
2021-12-31
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.002
Published
2021-12-30
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.0
Published
2021-12-30
Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file
CVSS Score
5.5
EPSS Score
0.002
Published
2021-12-30
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.003
Published
2021-12-30
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.001
Published
2021-12-30