Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-20204 | A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. | 9.8 |
| 2021-05-06 | CVE-2021-30473 | Release of Invalid Pointer or Reference vulnerability in multiple products aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. | 9.8 |
| 2021-05-06 | CVE-2021-32062 | Path Traversal vulnerability in multiple products MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and 7.4.x before 7.4.5, and 7.5.x and 7.6.x before 7.6.3 does not properly enforce the MS_MAP_NO_PATH and MS_MAP_PATTERN restrictions that are intended to control the locations from which a mapfile may be loaded (with MapServer CGI). | 5.3 |
| 2021-05-06 | CVE-2021-3501 | A flaw was found in the Linux kernel in versions before 5.12. | 7.1 |
| 2021-05-05 | CVE-2021-31542 | Path Traversal vulnerability in multiple products In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names. | 7.5 |
| 2021-05-05 | CVE-2021-20254 | A flaw was found in samba. | 6.8 |
| 2021-05-05 | CVE-2021-31800 | Path Traversal vulnerability in multiple products Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. | 9.8 |
| 2021-05-05 | CVE-2021-25317 | A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. | 3.3 |
| 2021-05-04 | CVE-2021-29478 | Integer Overflow or Wraparound vulnerability in multiple products Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. | 8.8 |
| 2021-05-04 | CVE-2021-29477 | Integer Overflow or Wraparound vulnerability in multiple products Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. | 8.8 |