Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-07 | CVE-2021-33896 | Path Traversal vulnerability in multiple products Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators. | 5.3 |
| 2021-06-04 | CVE-2021-3565 | Use of Hard-coded Credentials vulnerability in multiple products A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. | 5.9 |
| 2021-06-02 | CVE-2021-28678 | Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. | 5.5 |
| 2021-06-02 | CVE-2021-28675 | Unchecked Return Value vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. | 5.5 |
| 2021-06-01 | CVE-2021-3543 | Use After Free vulnerability in multiple products A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. | 6.7 |
| 2021-05-28 | CVE-2021-33620 | Improper Input Validation vulnerability in multiple products Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. | 6.5 |
| 2021-05-28 | CVE-2021-20292 | Use After Free vulnerability in multiple products There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. | 6.7 |
| 2021-05-27 | CVE-2021-31808 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. | 6.5 |
| 2021-05-27 | CVE-2021-31525 | Uncontrolled Recursion vulnerability in multiple products net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. | 5.9 |
| 2021-05-27 | CVE-2021-31806 | Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. | 6.5 |