Vulnerabilities > Fedoraproject > Fedora > 34

DATE CVE VULNERABILITY TITLE RISK
2021-12-30 CVE-2021-4186 NULL Pointer Dereference vulnerability in multiple products
Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject CWE-476
7.5
7.5
2021-12-30 CVE-2021-4190 Excessive Iteration vulnerability in multiple products
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject CWE-834
7.5
7.5
2021-12-29 CVE-2021-4187 Use After Free vulnerability in multiple products
vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject apple CWE-416
7.8
7.8
2021-12-28 CVE-2021-44832 Improper Input Validation vulnerability in multiple products
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server.
network
high complexity
apache oracle cisco fedoraproject debian CWE-20
6.6
6.6
2021-12-27 CVE-2021-4173 Use After Free vulnerability in multiple products
vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject apple CWE-416
7.8
7.8
2021-12-25 CVE-2021-4166 Out-of-bounds Read vulnerability in multiple products
vim is vulnerable to Out-of-bounds Read 		7.1
7.1
2021-12-23 CVE-2021-3621 OS Command Injection vulnerability in multiple products
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands.
network
low complexity
fedoraproject redhat CWE-78
8.8
8.8
2021-12-23 CVE-2021-3622 Resource Exhaustion vulnerability in multiple products
A flaw was found in the hivex library.
network
low complexity
redhat fedoraproject CWE-400
4.3
4.3
2021-12-23 CVE-2021-4024 Origin Validation Error vulnerability in multiple products
A flaw was found in podman.
network
low complexity
podman-project fedoraproject redhat CWE-346
6.5
6.5
2021-12-23 CVE-2021-45469 Out-of-bounds Read vulnerability in multiple products
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
local
low complexity
linux fedoraproject debian netapp CWE-125
7.8
7.8