Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2021-12-17 CVE-2021-41500 Incorrect Comparison vulnerability in multiple products
Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects.
network
low complexity
cvxopt-project fedoraproject CWE-697
7.5
7.5
2021-12-17 CVE-2021-4008 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.
local
low complexity
x-org fedoraproject debian CWE-119
7.8
7.8
2021-12-17 CVE-2021-4009 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.
local
low complexity
x-org fedoraproject debian CWE-119
7.8
7.8
2021-12-17 CVE-2021-4010 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.
local
low complexity
x-org fedoraproject debian CWE-119
7.8
7.8
2021-12-17 CVE-2021-4011 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14.
local
low complexity
x-org fedoraproject debian CWE-119
7.8
7.8
2021-12-15 CVE-2021-45078 Out-of-bounds Write vulnerability in multiple products
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write.
local
low complexity
gnu fedoraproject redhat debian netapp CWE-787
7.8
7.8
2021-12-15 CVE-2021-43518 Classic Buffer Overflow vulnerability in multiple products
Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow.
local
low complexity
teeworlds fedoraproject CWE-120
7.8
7.8
2021-12-14 CVE-2021-45046 It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations.
network
high complexity
apache intel cvat siemens debian sonicwall fedoraproject
critical
 9.0
9.0
2021-12-14 CVE-2021-4104 Deserialization of Untrusted Data vulnerability in multiple products
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration.
network
high complexity
apache fedoraproject redhat oracle CWE-502
7.5
7.5
2021-12-13 CVE-2020-16156 Improper Verification of Cryptographic Signature vulnerability in multiple products
CPAN 2.28 allows Signature Verification Bypass.
local
low complexity
perl fedoraproject CWE-347
7.8
7.8