Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Extra_packages_for_enterprise_linux
(Fedoraproject)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 76 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-07-28 | CVE-2022-2158 | Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Extra_packages_for_enterprise_linux, Fedora, Chrome | 8.8 | ||
| 2022-07-28 | CVE-2022-2163 | Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. | Extra_packages_for_enterprise_linux, Fedora, Chrome | 8.8 | ||
| 2022-07-28 | CVE-2022-2295 | Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Extra_packages_for_enterprise_linux, Fedora, Chrome | 8.8 | ||
| 2022-07-28 | CVE-2022-2296 | Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. | Extra_packages_for_enterprise_linux, Fedora, Chrome | 8.8 | ||
| 2022-08-10 | CVE-2022-2719 | In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30. | Extra_packages_for_enterprise_linux, Fedora, Imagemagick | 5.5 | ||
| 2022-08-17 | CVE-2020-14394 | An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. | Extra_packages_for_enterprise_linux, Fedora, Qemu, Enterprise_linux, Openstack_platform | 3.2 | ||
| 2022-08-29 | CVE-2022-0367 | A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Libmodbus | 7.8 | ||
| 2022-09-19 | CVE-2022-3213 | A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service. | Extra_packages_for_enterprise_linux, Fedora, Imagemagick | 5.5 | ||
| 2022-11-29 | CVE-2022-4144 | An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition. | Extra_packages_for_enterprise_linux, Fedora, Qemu, Enterprise_linux | 6.5 | ||
| 2022-12-09 | CVE-2022-4170 | The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. | Extra_packages_for_enterprise_linux, Fedora, Rxvt\-Unicode | 9.8 |