Vulnerabilities > Fedoraproject > Fedora > 35

DATE CVE VULNERABILITY TITLE RISK
2021-07-20 CVE-2021-36976 Use After Free vulnerability in multiple products
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
network
low complexity
libarchive fedoraproject apple splunk CWE-416
6.5
6.5
2021-07-20 CVE-2021-36979 Out-of-bounds Write vulnerability in multiple products
Unicorn Engine 1.0.2 has an out-of-bounds write in tb_flush_armeb (called from cpu_arm_exec_armeb and tcg_cpu_exec_armeb).
local
low complexity
unicorn-engine fedoraproject CWE-787
5.5
5.5
2021-07-16 CVE-2021-32749 Code Injection vulnerability in multiple products
fail2ban is a daemon to ban hosts that cause multiple authentication errors.
network
high complexity
fail2ban fedoraproject CWE-94
8.1
8.1
2021-07-02 CVE-2021-35197 Incorrect Authorization vulnerability in multiple products
In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access.
network
low complexity
mediawiki debian fedoraproject CWE-863
7.5
7.5
2021-07-01 CVE-2021-36084 Use After Free vulnerability in multiple products
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).
local
low complexity
selinux-project fedoraproject CWE-416
3.3
3.3
2021-07-01 CVE-2021-36085 Use After Free vulnerability in multiple products
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).
local
low complexity
selinux-project fedoraproject CWE-416
3.3
3.3
2021-07-01 CVE-2021-36086 Use After Free vulnerability in multiple products
The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).
local
low complexity
selinux-project fedoraproject CWE-416
3.3
3.3
2021-07-01 CVE-2021-36087 Out-of-bounds Read vulnerability in multiple products
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow).
local
low complexity
selinux-project fedoraproject CWE-125
3.3
3.3
2021-06-22 CVE-2021-0561 Out-of-bounds Write vulnerability in multiple products
In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google fedoraproject debian CWE-787
5.5
5.5
2021-06-21 CVE-2021-29063 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.
network
low complexity
mpmath fedoraproject CWE-770
7.5
7.5