Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-09	CVE-2021-30152	Improper Privilege Management vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. network low complexity mediawiki debian fedoraproject CWE-269	4.3
2021-04-08	CVE-2021-3482	Out-of-bounds Write vulnerability in multiple products A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. network low complexity exiv2 redhat fedoraproject debian CWE-787	6.5
2021-04-08	CVE-2021-3448	A flaw was found in dnsmasq in versions before 2.85. network high complexity thekelleys redhat fedoraproject oracle	4.0
2021-04-08	CVE-2021-29154	Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. local low complexity linux fedoraproject debian netapp CWE-77	7.8
2021-04-07	CVE-2021-30184	Classic Buffer Overflow vulnerability in multiple products GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. local low complexity gnu fedoraproject CWE-120	7.8
2021-04-07	CVE-2020-36314	Link Following vulnerability in multiple products fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. local low complexity gnome fedoraproject CWE-59	3.9
2021-04-07	CVE-2021-30178	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.11. local low complexity linux fedoraproject CWE-476	5.5
2021-04-06	CVE-2021-29424	Incorrect Type Conversion or Cast vulnerability in multiple products The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses. network low complexity net fedoraproject CWE-704	7.5
2021-04-06	CVE-2021-28658	Path Traversal vulnerability in multiple products In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. network low complexity djangoproject debian fedoraproject CWE-22	5.3
2021-04-06	CVE-2021-30158	Improper Authentication vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. network low complexity mediawiki debian fedoraproject CWE-287	5.3