Vulnerabilities > Fedoraproject > Fedora > 34

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-0516 A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel.
local
low complexity
linux fedoraproject debian redhat netapp
7.8
7.8
2022-03-10 CVE-2021-3739 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’.
local
low complexity
linux fedoraproject netapp CWE-476
7.1
7.1
2022-03-10 CVE-2021-3981 Incorrect Default Permissions vulnerability in multiple products
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content.
local
low complexity
gnu fedoraproject CWE-276
3.3
3.3
2022-03-10 CVE-2021-32434 Out-of-bounds Read vulnerability in multiple products
abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. 		5.5
5.5
2022-03-10 CVE-2021-32435 Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. 		5.5
5.5
2022-03-10 CVE-2021-32436 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.
network
low complexity
abcm2ps-project fedoraproject debian CWE-125
6.5
6.5
2022-03-10 CVE-2021-3733 Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python redhat fedoraproject netapp CWE-400
6.5
6.5
2022-03-09 CVE-2022-24349 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users.
network
high complexity
zabbix debian fedoraproject CWE-79
4.4
4.4
2022-03-09 CVE-2022-24917 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users.
network
high complexity
zabbix debian fedoraproject CWE-79
4.4
4.4
2022-03-09 CVE-2022-24918 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users.
network
high complexity
zabbix fedoraproject CWE-79
4.4
4.4