Vulnerabilities > Fedoraproject > Fedora > 34
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-18 | CVE-2020-23856 | Use After Free vulnerability in multiple products Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee. | 5.5 |
2021-05-18 | CVE-2021-3518 | Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. | 8.8 |
2021-05-18 | CVE-2021-3531 | Reachable Assertion vulnerability in multiple products A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. | 5.3 |
2021-05-17 | CVE-2021-32617 | Resource Exhaustion vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.5 |
2021-05-17 | CVE-2021-3524 | Injection vulnerability in multiple products A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. | 6.5 |
2021-05-14 | CVE-2021-33034 | Use After Free vulnerability in multiple products In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. | 7.8 |
2021-05-14 | CVE-2020-24119 | Out-of-bounds Read vulnerability in multiple products A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect. | 7.1 |
2021-05-14 | CVE-2021-3402 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. | 9.1 |
2021-05-14 | CVE-2021-3537 | NULL Pointer Dereference vulnerability in multiple products A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. | 5.9 |
2021-05-14 | CVE-2021-32613 | Double Free vulnerability in multiple products In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. | 5.5 |