Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-13	CVE-2021-43818	lxml is a library for processing XML and HTML in the Python language. network low complexity lxml fedoraproject debian netapp oracle	7.1
2021-12-13	CVE-2020-16154	Improper Verification of Cryptographic Signature vulnerability in multiple products The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. local low complexity app fedoraproject CWE-347	7.8
2021-12-13	CVE-2021-44847	Incorrect Calculation vulnerability in multiple products A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet. network low complexity toktok fedoraproject CWE-682 critical	9.8
2021-12-10	CVE-2021-44228	Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity apache siemens intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple critical	10.0
2021-12-08	CVE-2021-4048	An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. network low complexity lapack-project openblas-project julialang redhat fedoraproject critical	9.1
2021-12-08	CVE-2021-44420	In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. network low complexity djangoproject redhat debian canonical fedoraproject	7.3
2021-12-07	CVE-2021-44686	Resource Exhaustion vulnerability in multiple products calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py. network low complexity calibre-ebook fedoraproject CWE-400	7.5
2021-12-06	CVE-2021-4069	vim is vulnerable to Use After Free local low complexity vim fedoraproject debian	7.8
2021-12-01	CVE-2021-3984	vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian	7.8
2021-12-01	CVE-2021-4019	vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian	7.8