Fedoraproject Fedora vulnerabilities

5,277 known vulnerabilities affecting fedoraproject/fedora.

Total CVEs

5,277

CISA KEV

actively exploited

Public exploits

147

Exploited in wild

101

Severity breakdown

CRITICAL514HIGH2325MEDIUM2265LOW173

Vulnerabilities

Page 54 of 264

CVE-2022-3050HIGHCVSS 8.8v372022-09-26

CVE-2022-3050 [HIGH] CWE-787 CVE-2022-3050: Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

nvd

CVE-2022-3199HIGHCVSS 8.8v372022-09-26

CVE-2022-3199 [HIGH] CWE-416 CVE-2022-3199: Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to poten Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

nvd

CVE-2022-3058HIGHCVSS 8.8v372022-09-26

CVE-2022-3058 [HIGH] CWE-416 CVE-2022-3058: Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.

nvd

CVE-2022-3040HIGHCVSS 8.8v372022-09-26

CVE-2022-3040 [HIGH] CWE-787 CVE-2022-3040: Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potent Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-3046HIGHCVSS 8.8v372022-09-26

CVE-2022-3046 [HIGH] CWE-416 CVE-2022-3046: Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convin Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-2855HIGHCVSS 8.8v372022-09-26

CVE-2022-2855 [HIGH] CWE-416 CVE-2022-2855: Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potent Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-3043HIGHCVSS 8.8v372022-09-26

CVE-2022-3043 [HIGH] CWE-787 CVE-2022-3043: Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-2853HIGHCVSS 8.8v372022-09-26

CVE-2022-2853 [HIGH] CWE-787 CVE-2022-2853: Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remo Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-3052HIGHCVSS 8.8v372022-09-26

CVE-2022-3052 [HIGH] CWE-787 CVE-2022-3052: Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

nvd

CVE-2022-2857HIGHCVSS 8.8v372022-09-26

CVE-2022-2857 [HIGH] CWE-362 CVE-2022-2857: Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potent Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-3200HIGHCVSS 8.8v372022-09-26

CVE-2022-3200 [HIGH] CWE-787 CVE-2022-3200: Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

nvd

CVE-2022-3195HIGHCVSS 8.8v372022-09-26

CVE-2022-3195 [HIGH] CWE-787 CVE-2022-3195: Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

nvd

CVE-2022-2859HIGHCVSS 8.8v372022-09-26

CVE-2022-2859 [HIGH] CWE-416 CVE-2022-2859: Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions.

nvd

CVE-2022-3045HIGHCVSS 8.8v372022-09-26

CVE-2022-3045 [HIGH] CWE-787 CVE-2022-3045: Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a r Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-3071HIGHCVSS 8.8v372022-09-26

CVE-2022-3071 [HIGH] CWE-362 CVE-2022-3071: Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a r Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.

nvd

CVE-2022-3198HIGHCVSS 8.8v372022-09-26

CVE-2022-3198 [HIGH] CWE-416 CVE-2022-3198: Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentia Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

nvd

CVE-2022-3196HIGHCVSS 8.8v372022-09-26

CVE-2022-3196 [HIGH] CWE-416 CVE-2022-3196: Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentia Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

nvd

CVE-2022-3039HIGHCVSS 8.8v372022-09-26

CVE-2022-3039 [HIGH] CWE-416 CVE-2022-3039: Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potent Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-3041HIGHCVSS 8.8v372022-09-26

CVE-2022-3041 [HIGH] CWE-416 CVE-2022-3041: Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potent Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2022-3051HIGHCVSS 8.8v372022-09-26

CVE-2022-3051 [HIGH] CWE-787 CVE-2022-3051: Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allow Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

nvd

← Previous54 / 264Next →