Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2021-09-17 CVE-2021-39218 Free of Memory not on the Heap vulnerability in multiple products
Wasmtime is an open source runtime for WebAssembly & WASI.
local
high complexity
bytecodealliance fedoraproject CWE-590
6.3
2021-09-17 CVE-2021-39216 Use After Free vulnerability in multiple products
Wasmtime is an open source runtime for WebAssembly & WASI.
local
high complexity
bytecodealliance fedoraproject CWE-416
6.3
2021-09-17 CVE-2021-39219 Type Confusion vulnerability in multiple products
Wasmtime is an open source runtime for WebAssembly & WASI.
local
high complexity
bytecodealliance fedoraproject CWE-843
6.3
2021-09-16 CVE-2021-34798 NULL Pointer Dereference vulnerability in multiple products
Malformed requests may cause the server to dereference a NULL pointer.
7.5
2021-09-16 CVE-2021-36160 Out-of-bounds Read vulnerability in multiple products
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS).
7.5
2021-09-16 CVE-2021-39275 Out-of-bounds Write vulnerability in multiple products
ap_escape_quotes() may write beyond the end of a buffer when given malicious input.
network
low complexity
apache fedoraproject debian netapp oracle siemens CWE-787
critical
9.8
2021-09-16 CVE-2021-40438 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.
network
high complexity
apache fedoraproject debian netapp f5 oracle siemens CWE-918
critical
9.0
2021-09-15 CVE-2021-3796 Use After Free vulnerability in multiple products
vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject debian netapp CWE-416
7.3
2021-09-15 CVE-2021-3778 Heap-based Buffer Overflow vulnerability in multiple products
vim is vulnerable to Heap-based Buffer Overflow
local
low complexity
vim fedoraproject debian netapp CWE-122
7.8
2021-09-10 CVE-2021-40839 Infinite Loop vulnerability in multiple products
The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory.
network
low complexity
rencode-project fedoraproject CWE-835
7.5