Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-30 | CVE-2021-4184 | Infinite Loop vulnerability in multiple products Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-12-30 | CVE-2021-4185 | Infinite Loop vulnerability in multiple products Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-12-30 | CVE-2021-4186 | NULL Pointer Dereference vulnerability in multiple products Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-12-30 | CVE-2021-4190 | Excessive Iteration vulnerability in multiple products Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-12-29 | CVE-2021-23727 | Command Injection vulnerability in multiple products This affects the package celery before 5.2.2. | 7.5 |
| 2021-12-29 | CVE-2021-4187 | vim is vulnerable to Use After Free | 7.8 |
| 2021-12-28 | CVE-2021-44832 | Improper Input Validation vulnerability in multiple products Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. | 6.6 |
| 2021-12-27 | CVE-2021-4173 | vim is vulnerable to Use After Free | 7.8 |
| 2021-12-25 | CVE-2021-4166 | vim is vulnerable to Out-of-bounds Read | 7.1 |
| 2021-12-24 | CVE-2021-45471 | In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items. | 5.3 |