Vulnerabilities > Fedoraproject > Fedora > 34

DATE CVE VULNERABILITY TITLE RISK
2021-07-30 CVE-2021-36386 Missing Initialization of Resource vulnerability in multiple products
report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages.
network
low complexity
fetchmail fedoraproject CWE-909
7.5
7.5
2021-07-26 CVE-2021-37576 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
local
low complexity
linux fedoraproject CWE-787
7.8
7.8
2021-07-26 CVE-2021-31292 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.
network
low complexity
exiv2 debian fedoraproject CWE-190
7.5
7.5
2021-07-26 CVE-2021-32791 Reusing a Nonce, Key Pair in Encryption vulnerability in multiple products
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
high complexity
openidc fedoraproject CWE-323
5.9
5.9
2021-07-26 CVE-2021-32792 Cross-site Scripting vulnerability in multiple products
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
low complexity
openidc fedoraproject CWE-79
6.1
6.1
2021-07-22 CVE-2021-32786 Open Redirect vulnerability in multiple products
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
low complexity
openidc fedoraproject CWE-601
6.1
6.1
2021-07-22 CVE-2021-35063 Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion."
network
low complexity
oisf debian fedoraproject
7.5
7.5
2021-07-21 CVE-2021-37220 Out-of-bounds Write vulnerability in multiple products
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table.
local
low complexity
artifex fedoraproject CWE-787
5.5
5.5
2021-07-21 CVE-2021-32761 Integer Overflow to Buffer Overflow vulnerability in multiple products
Redis is an in-memory database that persists on disk.
network
high complexity
redislabs debian fedoraproject CWE-680
7.5
7.5
2021-07-21 CVE-2021-2339 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL).
network
low complexity
oracle netapp fedoraproject
4.9
4.9