Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-19 | CVE-2021-39926 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-11-19 | CVE-2021-39929 | Uncontrolled Recursion vulnerability in multiple products Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-11-19 | CVE-2021-3968 | vim is vulnerable to Heap-based Buffer Overflow | 8.0 |
| 2021-11-19 | CVE-2021-3973 | vim is vulnerable to Heap-based Buffer Overflow | 7.8 |
| 2021-11-19 | CVE-2021-3974 | vim is vulnerable to Use After Free | 7.8 |
| 2021-11-19 | CVE-2021-44025 | Cross-site Scripting vulnerability in multiple products Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message. | 6.1 |
| 2021-11-19 | CVE-2021-44026 | SQL Injection vulnerability in multiple products Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params. | 9.8 |
| 2021-11-18 | CVE-2021-39920 | NULL Pointer Dereference vulnerability in multiple products NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-11-18 | CVE-2021-39928 | NULL Pointer Dereference vulnerability in multiple products NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-11-18 | CVE-2021-27023 | A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. | 9.8 |