Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2021-06-02 CVE-2021-28676 Infinite Loop vulnerability in multiple products
An issue was discovered in Pillow before 8.2.0.
network
low complexity
python fedoraproject CWE-835
7.5
7.5
2021-06-02 CVE-2021-28677 An issue was discovered in Pillow before 8.2.0.
network
low complexity
python fedoraproject
7.5
7.5
2021-06-02 CVE-2021-28678 Insufficient Verification of Data Authenticity vulnerability in multiple products
An issue was discovered in Pillow before 8.2.0.
local
low complexity
python fedoraproject CWE-345
5.5
5.5
2021-06-02 CVE-2019-12067 NULL Pointer Dereference vulnerability in multiple products
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
local
low complexity
qemu debian fedoraproject redhat CWE-476
6.5
6.5
2021-06-02 CVE-2021-28675 Unchecked Return Value vulnerability in multiple products
An issue was discovered in Pillow before 8.2.0.
local
low complexity
python fedoraproject CWE-252
5.5
5.5
2021-06-02 CVE-2020-35503 A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0.
local
low complexity
qemu fedoraproject
6.0
6.0
2021-06-01 CVE-2021-3516 Use After Free vulnerability in multiple products
There's a flaw in libxml2's xmllint in versions before 2.9.11. 		7.8
7.8
2021-06-01 CVE-2021-3543 Use After Free vulnerability in multiple products
A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. 		6.7
6.7
2021-06-01 CVE-2021-23017 A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
network
high complexity
f5 openresty fedoraproject netapp oracle
7.7
7.7
2021-05-28 CVE-2021-29505 XStream is software for serializing Java objects to XML and back again. 8.8
8.8