Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-26 | CVE-2021-3115 | Uncontrolled Search Path Element vulnerability in multiple products Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). | 7.5 |
| 2021-01-26 | CVE-2021-3114 | Incorrect Calculation vulnerability in multiple products In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field. | 6.5 |
| 2021-01-20 | CVE-2020-25687 | A flaw was found in dnsmasq before version 2.83. | 5.9 |
| 2021-01-20 | CVE-2020-25686 | A flaw was found in dnsmasq before version 2.83. | 3.7 |
| 2021-01-20 | CVE-2020-25682 | A flaw was found in dnsmasq before 2.83. | 8.1 |
| 2021-01-20 | CVE-2020-25681 | A flaw was found in dnsmasq before version 2.83. | 8.1 |
| 2021-01-20 | CVE-2020-25685 | Inadequate Encryption Strength vulnerability in multiple products A flaw was found in dnsmasq before version 2.83. | 3.7 |
| 2021-01-20 | CVE-2020-25684 | A flaw was found in dnsmasq before version 2.83. | 3.7 |
| 2021-01-20 | CVE-2020-25683 | A flaw was found in dnsmasq before version 2.83. | 5.9 |
| 2021-01-19 | CVE-2020-14410 | Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file. | 5.4 |