Vulnerabilities > Fedoraproject > Fedora > High

DATE CVE VULNERABILITY TITLE RISK
2021-11-15 CVE-2021-42383 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
network
low complexity
busybox fedoraproject CWE-416
7.2
7.2
2021-11-15 CVE-2021-42384 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
network
low complexity
busybox fedoraproject CWE-416
7.2
7.2
2021-11-15 CVE-2021-42385 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
network
low complexity
busybox fedoraproject CWE-416
7.2
7.2
2021-11-15 CVE-2021-42386 Use After Free vulnerability in multiple products
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
network
low complexity
busybox fedoraproject CWE-416
7.2
7.2
2021-11-08 CVE-2021-41771 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
network
low complexity
golang fedoraproject debian CWE-119
7.5
7.5
2021-11-08 CVE-2021-41772 Improper Input Validation vulnerability in multiple products
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.
network
low complexity
golang fedoraproject oracle CWE-20
7.5
7.5
2021-11-08 CVE-2021-42072 Improper Authentication vulnerability in multiple products
An issue was discovered in Barrier before 2.4.0.
network
low complexity
barrier-project fedoraproject CWE-287
8.8
8.8
2021-11-05 CVE-2021-3927 vim is vulnerable to Heap-based Buffer Overflow
local
low complexity
vim fedoraproject debian
7.8
7.8
2021-11-05 CVE-2021-3928 vim is vulnerable to Use of Uninitialized Variable
local
low complexity
vim fedoraproject debian
7.8
7.8
2021-11-02 CVE-2021-37977 Use After Free vulnerability in multiple products
Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
8.8