Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-12 | CVE-2020-27840 | A flaw was found in samba. | 7.5 |
| 2021-05-12 | CVE-2021-20277 | Out-of-bounds Write vulnerability in multiple products A flaw was found in Samba's libldb. | 7.5 |
| 2021-05-11 | CVE-2021-32606 | Use After Free vulnerability in multiple products In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. | 7.8 |
| 2021-05-11 | CVE-2021-3504 | A flaw was found in the hivex library in versions before 1.3.20. | 5.4 |
| 2021-05-11 | CVE-2021-29471 | Insufficient Entropy vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 5.3 |
| 2021-05-10 | CVE-2020-13529 | Authentication Bypass by Spoofing vulnerability in multiple products An exploitable denial-of-service vulnerability exists in Systemd 245. | 6.1 |
| 2021-05-10 | CVE-2021-32056 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall. | 4.3 |
| 2021-05-07 | CVE-2021-21419 | Eventlet is a concurrent networking library for Python. | 5.3 |
| 2021-05-06 | CVE-2021-31829 | Incorrect Authorization vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. | 5.5 |
| 2021-05-06 | CVE-2021-32052 | Cross-site Scripting vulnerability in multiple products In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). | 6.1 |