Fedoraproject >> Fedora >> 34 Security Vulnerabilities
MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.
CVSS Score: 5.5; EPSS Score: 0.0; Published: 2022-02-01
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.
CVSS Score: 9.1; EPSS Score: 0.001; Published: 2022-01-31
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.
CVSS Score: 5.5; EPSS Score: 0.001; Published: 2022-01-31
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS Score: 8.4; EPSS Score: 0.002; Published: 2022-01-30
Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS Score: 8.4; EPSS Score: 0.002; Published: 2022-01-30
MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.
CVSS Score: 5.5; EPSS Score: 0.0; Published: 2022-01-29
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
CVSS Score: 7.8; EPSS Score: 0.002; Published: 2022-01-29
laminas-form is a package for validating and displaying simple and complex forms. When rendering validation error messages via the `formElementErrors()` view helper shipped with laminas-form, many messages will contain the submitted value. However, in laminas-form prior to version 3.1.1, the value was not being escaped for HTML contexts, which could potentially lead to a reflected cross-site scripting attack. Versions 3.1.1 and above contain a patch to mitigate the vulnerability. A workaround is available. One may manually place code at the top of a view script where one calls the `formElementErrors()` view helper. More information about this workaround is available on the GitHub Security Advisory.
CVSS Score: 6.1; EPSS Score: 0.004; Published: 2022-01-28
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS Score: 8.4; EPSS Score: 0.001; Published: 2022-01-28
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
CVSS Score: 7.5; EPSS Score: 0.035; Published: 2022-01-26



Shodan ® - All rights reserved