Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-35063 | Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion." | 7.5 |
| 2021-07-21 | CVE-2021-32761 | Redis is an in-memory database that persists on disk. | 7.5 |
| 2021-07-20 | CVE-2021-33909 | Integer Overflow or Wraparound vulnerability in multiple products fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | 7.8 |
| 2021-07-20 | CVE-2021-3246 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file. | 8.8 |
| 2021-07-20 | CVE-2019-25051 | Out-of-bounds Write vulnerability in multiple products objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list). | 7.8 |
| 2021-07-20 | CVE-2020-36430 | Out-of-bounds Write vulnerability in multiple products libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction. | 7.8 |
| 2021-07-16 | CVE-2021-32749 | Code Injection vulnerability in multiple products fail2ban is a daemon to ban hosts that cause multiple authentication errors. | 8.1 |
| 2021-07-12 | CVE-2021-32705 | Nextcloud Server is a Nextcloud package that handles data storage. | 7.5 |
| 2021-07-12 | CVE-2021-32688 | Nextcloud Server is a Nextcloud package that handles data storage. | 8.8 |
| 2021-07-12 | CVE-2021-32679 | Nextcloud Server is a Nextcloud package that handles data storage. | 8.8 |