Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-03 | CVE-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. | 6.7 |
| 2021-02-27 | CVE-2021-25284 | Insufficiently Protected Credentials vulnerability in multiple products An issue was discovered in through SaltStack Salt before 3002.5. | 4.4 |
| 2021-02-27 | CVE-2020-28972 | Improper Certificate Validation vulnerability in multiple products In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate. | 5.9 |
| 2021-02-26 | CVE-2021-21274 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.5 |
| 2021-02-26 | CVE-2021-21273 | Open Redirect vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.1 |
| 2021-02-26 | CVE-2021-21330 | aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 6.1 |
| 2021-02-26 | CVE-2020-24455 | Missing Initialization of Resource vulnerability in multiple products Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. | 6.7 |
| 2021-02-23 | CVE-2021-3407 | A flaw was found in mupdf 1.18.0. | 5.5 |
| 2021-02-23 | CVE-2021-3405 | A flaw was found in libebml before 1.4.2. | 6.5 |
| 2021-02-23 | CVE-2021-26927 | A flaw was found in jasper before 2.0.25. | 5.5 |