Vulnerabilities > Fedoraproject > Fedora > 34
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-25 | CVE-2020-25672 | Memory Leak vulnerability in multiple products A memory leak vulnerability was found in Linux kernel in llcp_sock_connect | 7.5 |
| 2021-05-24 | CVE-2020-26555 | Incorrect Authorization vulnerability in multiple products Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. | 5.4 |
| 2021-05-24 | CVE-2020-26558 | Improper Authentication vulnerability in multiple products Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. | 4.2 |
| 2021-05-20 | CVE-2021-33477 | Improper Handling of Exceptional Conditions vulnerability in multiple products rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). network low complexity eterm-project mrxvt-project rxvt-project rxvt-unicode-project fedoraproject debian CWE-755 | 8.8 |
| 2021-05-20 | CVE-2021-3426 | Path Traversal vulnerability in multiple products There's a flaw in Python 3's pydoc. | 5.7 |
| 2021-05-20 | CVE-2021-3480 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in slapi-nis in versions before 0.56.7. | 7.5 |
| 2021-05-20 | CVE-2021-20718 | Resource Exhaustion vulnerability in multiple products mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors. | 7.5 |
| 2021-05-19 | CVE-2021-3421 | Improper Verification of Cryptographic Signature vulnerability in multiple products A flaw was found in the RPM package in the read functionality. | 5.5 |
| 2021-05-19 | CVE-2021-3445 | Improper Verification of Cryptographic Signature vulnerability in multiple products A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. | 7.5 |
| 2021-05-19 | CVE-2021-3517 | Out-of-bounds Write vulnerability in multiple products There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. | 8.6 |