Vulnerabilities > Fedoraproject > Fedora > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-04 CVE-2021-32762 Redis is an open source, in-memory database that persists on disk.
network
low complexity
redis debian fedoraproject netapp oracle
8.8
2021-10-04 CVE-2021-41099 Redis is an open source, in-memory database that persists on disk.
network
high complexity
redis fedoraproject debian netapp oracle
7.5
2021-10-04 CVE-2021-41103 containerd is an open source container runtime with an emphasis on simplicity, robustness and portability.
local
low complexity
linuxfoundation fedoraproject debian
7.8
2021-10-02 CVE-2021-41864 Integer Overflow or Wraparound vulnerability in multiple products
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
local
low complexity
linux fedoraproject netapp debian CWE-190
7.8
2021-09-29 CVE-2021-22946 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl).
7.5
2021-09-26 CVE-2021-41617 sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. 7.0
2021-09-19 CVE-2021-41073 Release of Invalid Pointer or Reference vulnerability in multiple products
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
local
low complexity
linux debian fedoraproject netapp CWE-763
7.8
2021-09-16 CVE-2021-34798 NULL Pointer Dereference vulnerability in multiple products
Malformed requests may cause the server to dereference a NULL pointer.
7.5
2021-09-16 CVE-2021-36160 Out-of-bounds Read vulnerability in multiple products
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS).
7.5
2021-09-15 CVE-2021-3796 vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject debian netapp
7.3