Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 35 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-41798
MediaWiki prior to 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.
Mediawiki Mediawiki
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
NA
CVE-2022-45149
A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's CSRF token was unnecessarily included in the URL when being redirected to a course they have just restored. A remote attacker can trick...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-45150
A reflected cross-site scripting vulnerability exists in Moodle. This flaw exists due to insufficient sanitization of user-supplied data in policy tool. An attacker can trick the victim to open a specially crafted link that executes an arbitrary HTML and script code in user'...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-45151
The stored-XSS vulnerability exists in Moodle which exists due to insufficient sanitization of user-supplied data in several "social" user profile fields. An attacker could inject and execute arbitrary HTML and script code in user's browser in context of vulnerable...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
605
VMScore
CVE-2022-0096
Use after free in Storage in Google Chrome before 97.0.4692.71 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
605
VMScore
CVE-2022-0097
Inappropriate implementation in DevTools in Google Chrome before 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
605
VMScore
CVE-2022-0099
Use after free in Sign-in in Google Chrome before 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
605
VMScore
CVE-2022-0106
Use after free in Autofill in Google Chrome before 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
605
VMScore
CVE-2022-0107
Use after free in File Manager API in Google Chrome on Chrome OS before 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
383
VMScore
CVE-2022-0108
Inappropriate implementation in Navigation in Google Chrome before 97.0.4692.71 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »