Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-10-20 CVE-2021-35567 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
low complexity
oracle netapp debian fedoraproject
6.8
6.8
2021-10-20 CVE-2021-35575 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
netapp oracle fedoraproject
4.9
4.9
2021-10-20 CVE-2021-35577 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
netapp oracle fedoraproject
4.9
4.9
2021-10-20 CVE-2021-35578 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).
network
low complexity
oracle netapp debian fedoraproject
5.3
5.3
2021-10-20 CVE-2021-35586 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle netapp fedoraproject debian
5.3
5.3
2021-10-20 CVE-2021-42739 Out-of-bounds Write vulnerability in multiple products
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. 		6.7
6.7
2021-10-15 CVE-2021-3875 Heap-based Buffer Overflow vulnerability in multiple products
vim is vulnerable to Heap-based Buffer Overflow
local
low complexity
vim fedoraproject CWE-122
5.5
5.5
2021-10-11 CVE-2021-41798 Cross-site Scripting vulnerability in multiple products
MediaWiki before 1.36.2 allows XSS.
network
low complexity
mediawiki fedoraproject CWE-79
6.1
6.1
2021-10-11 CVE-2021-41800 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time).
network
low complexity
mediawiki fedoraproject CWE-770
5.3
5.3
2021-10-08 CVE-2021-37958 Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.
network
low complexity
google fedoraproject debian
5.4
5.4