Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2021-07-12 CVE-2021-32678 Improper Control of Interaction Frequency vulnerability in multiple products
Nextcloud Server is a Nextcloud package that handles data storage.
network
low complexity
nextcloud fedoraproject CWE-799
5.3
5.3
2021-07-12 CVE-2021-32679 Improper Encoding or Escaping of Output vulnerability in multiple products
Nextcloud Server is a Nextcloud package that handles data storage.
network
low complexity
nextcloud fedoraproject CWE-116
8.8
8.8
2021-07-12 CVE-2021-36377 Improper Certificate Validation vulnerability in multiple products
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation.
network
low complexity
fossil-scm fedoraproject CWE-295
7.5
7.5
2021-07-09 CVE-2021-3570 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the ptp4l program of the linuxptp package. 		8.8
8.8
2021-07-09 CVE-2021-3571 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the ptp4l program of the linuxptp package.
network
low complexity
linuxptp-project redhat fedoraproject CWE-125
7.1
7.1
2021-07-09 CVE-2021-3612 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. 		7.8
7.8
2021-07-08 CVE-2021-21779 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4.
network
low complexity
webkitgtk fedoraproject debian CWE-416
8.8
8.8
2021-07-07 CVE-2021-21775 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4.
network
low complexity
webkitgtk fedoraproject debian CWE-416
8.0
8.0
2021-07-06 CVE-2021-32740 Resource Exhaustion vulnerability in multiple products
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library.
network
low complexity
addressable-project fedoraproject CWE-400
7.5
7.5
2021-07-02 CVE-2021-30554 Use After Free vulnerability in multiple products
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8