Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2021-39242 Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject CWE-755
7.5
2021-08-16 CVE-2021-33193 A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning.
network
low complexity
apache fedoraproject tenable oracle
7.5
2021-08-13 CVE-2021-3573 A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way a user calls the ioctl HCIUNBLOCKADDR or otherwise triggers a race condition between the call hci_unregister_dev() and one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info().
local
high complexity
linux redhat fedoraproject
6.4
2021-08-13 CVE-2021-3635 A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7.
local
low complexity
linux redhat fedoraproject
4.4
2021-08-13 CVE-2021-37695 ckeditor is an open source WYSIWYG HTML editor with rich content support.
network
low complexity
ckeditor debian fedoraproject oracle
5.4
2021-08-12 CVE-2021-31556 Improper Validation of Specified Quantity in Input vulnerability in multiple products
An issue was discovered in the OAuth extension for MediaWiki through 1.35.2.
network
low complexity
mediawiki fedoraproject CWE-1284
critical
9.8
2021-08-12 CVE-2021-32808 ckeditor is an open source WYSIWYG HTML editor with rich content support.
network
low complexity
ckeditor fedoraproject oracle
5.4
2021-08-12 CVE-2021-32809 Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support.
network
low complexity
ckeditor fedoraproject oracle CWE-79
5.4
2021-08-12 CVE-2021-38604 NULL Pointer Dereference vulnerability in multiple products
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference.
network
low complexity
gnu fedoraproject oracle CWE-476
7.5
2021-08-12 CVE-2021-20314 Out-of-bounds Write vulnerability in multiple products
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to denial of service and potentially code execution via maliciously crafted SPF explanation messages.
network
low complexity
libspf2 redhat fedoraproject CWE-787
critical
9.8