Vulnerabilities > Fedoraproject > Fedora > 34
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-17 | CVE-2021-41500 | Incorrect Comparison vulnerability in multiple products Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects. | 7.5 |
2021-12-17 | CVE-2021-4008 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. | 7.8 |
2021-12-17 | CVE-2021-4009 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. | 7.8 |
2021-12-17 | CVE-2021-4010 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. | 7.8 |
2021-12-17 | CVE-2021-4011 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. | 7.8 |
2021-12-15 | CVE-2021-45078 | Out-of-bounds Write vulnerability in multiple products stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. | 7.8 |
2021-12-14 | CVE-2021-45046 | Expression Language Injection vulnerability in multiple products It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. | 9.0 |
2021-12-13 | CVE-2020-16156 | Improper Verification of Cryptographic Signature vulnerability in multiple products CPAN 2.28 allows Signature Verification Bypass. | 7.8 |
2021-12-13 | CVE-2021-43818 | Injection vulnerability in multiple products lxml is a library for processing XML and HTML in the Python language. | 7.1 |
2021-12-13 | CVE-2021-44847 | Incorrect Calculation vulnerability in multiple products A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet. | 9.8 |