Vulnerabilities > Fedoraproject > Fedora > 34
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-27 | CVE-2021-30499 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in libcaca. | 7.8 |
| 2021-05-26 | CVE-2021-25217 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. | 7.4 |
| 2021-05-26 | CVE-2021-30498 | Out-of-bounds Write vulnerability in multiple products A flaw was found in libcaca. | 7.8 |
| 2021-05-26 | CVE-2021-3561 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Out of Bounds flaw was found fig2dev version 3.2.8a. | 7.1 |
| 2021-05-26 | CVE-2020-25670 | Use After Free vulnerability in multiple products A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. | 7.8 |
| 2021-05-26 | CVE-2020-25671 | Use After Free vulnerability in multiple products A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. | 7.8 |
| 2021-05-26 | CVE-2020-25673 | Resource Exhaustion vulnerability in multiple products A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. | 5.5 |
| 2021-05-26 | CVE-2021-22543 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. | 7.8 |
| 2021-05-26 | CVE-2021-31924 | Improper Authentication vulnerability in multiple products Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. | 6.8 |
| 2021-05-25 | CVE-2021-33574 | Use After Free vulnerability in multiple products The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. | 9.8 |