Vulnerabilities > Fedoraproject > Fedora > 34
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-10 | CVE-2022-0516 | A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. | 7.8 |
2022-03-10 | CVE-2021-3739 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. | 7.1 |
2022-03-10 | CVE-2021-3981 | Incorrect Default Permissions vulnerability in multiple products A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. | 3.3 |
2022-03-10 | CVE-2021-32434 | Out-of-bounds Read vulnerability in multiple products abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. | 5.5 |
2022-03-10 | CVE-2021-32435 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | 5.5 |
2022-03-10 | CVE-2021-32436 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | 6.5 |
2022-03-10 | CVE-2021-3733 | Resource Exhaustion vulnerability in multiple products There's a flaw in urllib's AbstractBasicAuthHandler class. | 6.5 |
2022-03-09 | CVE-2022-24349 | Cross-site Scripting vulnerability in multiple products An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. | 4.4 |
2022-03-09 | CVE-2022-24917 | Cross-site Scripting vulnerability in multiple products An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. | 4.4 |
2022-03-09 | CVE-2022-24918 | Cross-site Scripting vulnerability in multiple products An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. | 4.4 |