fedoraproject
5,423 tracked vulnerabilities.
CVE-2021-32617
MEDIUM
exiv2 < 0.27.4 - Denial of Service via Crafted Image Metadata Writing
May 17, 2021
CVSS 4.7
EPSS 0.01
CVE-2021-3524
MEDIUM
Red Hat Ceph Storage RadosGW <14.2.21 - HTTP Header Injection
May 17, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-33034
HIGH
Linux kernel <5.12.4 - Use After Free
May 14, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-3402
CRITICAL
YARA < 4.0.4 - Integer Overflow and Buffer Overflow Read via Malicious Mach-O File
May 14, 2021
CVSS 9.1
EPSS 0.02
CVE-2021-3537
MEDIUM
libxml2 < 2.9.11 - NULL Pointer Dereference via XML Mixed Content Parsing
May 14, 2021
CVSS 5.9
EPSS 0.04
CVE-2021-32613
MEDIUM
radare2 < 5.3.0 - Double Free in pyc Parser
May 14, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-29510
LOW
pydantic < 1.6.2 - Denial of Service via Infinite Loop in DateTime Validation
May 13, 2021
CVSS 3.3
EPSS 0.01
CVE-2021-29623
LOW
exiv2 < 0.27.4 - Use of Uninitialized Resource via Crafted Image File
May 13, 2021
CVSS 3.6
EPSS 0.01
CVE-2021-32921
MEDIUM
prosody < 0.11.9 - Timing Attack via Non-Constant-Time String Comparison
May 13, 2021
CVSS 5.9
EPSS 0.02
CVE-2021-32920
HIGH
prosody < 0.11.9 - Unauthenticated Denial of Service via SSL/TLS Renegotiation Flood
May 13, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-32919
HIGH
prosody 0.10.0-0.11.8 - Improper Certificate Validation in mod_dialback
May 13, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32918
HIGH
prosody < 0.11.9 - Unauthenticated Denial of Service via Memory Exhaustion
May 13, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-32917
MEDIUM
prosody < 0.11.9 - Unauthenticated Bandwidth Abuse via proxy65 Component
May 13, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-21424
MEDIUM
Symfony 3.4.0-3.4.48 - Unauthorized User Enumeration via Switch User Functionality
May 13, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-31215
HIGH
Slurm <20.02.7 & 20.03.x-20.11.x<20.11.7 RCE via PrologSlurmctld/EpilogSlurmctld
May 13, 2021
CVSS 8.8
EPSS 0.03
CVE-2021-23134
HIGH
Linux Kernel <5.12.4 - Privilege Escalation
May 12, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-20277
HIGH
Samba 4.0.0-4.12.12 - Denial of Service via LDAP Attribute with Leading Spaces
May 12, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-3504
MEDIUM
hivex < 1.3.20 - Out-of-bounds Read in hivex_open Function
May 11, 2021
CVSS 5.4
EPSS 0.02
CVE-2021-32606
HIGH
Linux Kernel 5.11-5.12.2 - Use-After-Free in CAN ISOTP Setsockopt
May 11, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-31204
HIGH
.NET 5.0-5.0.4 and .NET Core 3.1-3.1.13 - Elevation of Privilege
May 11, 2021
CVSS 7.3
EPSS 0.01
CVE-2021-29471
LOW
Synapse < 1.33.2 - Denial of Service via Push Rule Event Match Pattern
May 11, 2021
CVSS 3.7
EPSS 0.02
CVE-2021-32056
MEDIUM
Cyrus IMAP < 3.2.7 and 3.3.x-3.4.x < 3.4.1 - Authenticated Access Control Bypass via Server Annotations
May 10, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-21419
MEDIUM
eventlet >=0.10 <0.31.0 - Uncontrolled Resource Consumption via WebSocket Frame
May 07, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-32052
MEDIUM
Django 2.2-2.2.21, 3.1-3.1.9, 3.2-3.2.1 - Header Injection via URLValidator
May 06, 2021
CVSS 6.1
EPSS 0.03
CVE-2021-31829
MEDIUM
Linux Kernel < 5.12.1 - Information Disclosure via BPF Stack Speculative Loads
May 06, 2021
CVSS 5.5
EPSS 0.00
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters