Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2021-05-13 CVE-2021-32918 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Prosody before 0.11.9.
network
low complexity
prosody debian fedoraproject CWE-400
7.5
7.5
2021-05-13 CVE-2021-32919 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in Prosody before 0.11.9.
network
low complexity
prosody debian fedoraproject CWE-295
7.5
7.5
2021-05-13 CVE-2021-32920 Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.
network
low complexity
prosody debian fedoraproject
7.5
7.5
2021-05-13 CVE-2021-32921 Race Condition vulnerability in multiple products
An issue was discovered in Prosody before 0.11.9.
network
high complexity
prosody fedoraproject debian CWE-362
5.9
5.9
2021-05-13 CVE-2020-25713 Out-of-bounds Read vulnerability in multiple products
A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common.
network
low complexity
librdf fedoraproject debian CWE-125
6.5
6.5
2021-05-13 CVE-2020-27823 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in OpenJPEG’s encoder.
local
low complexity
uclouvain fedoraproject debian CWE-120
7.8
7.8
2021-05-13 CVE-2020-14354 Use After Free vulnerability in multiple products
A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing.
local
low complexity
c-ares fedoraproject CWE-416
3.3
3.3
2021-05-13 CVE-2020-27824 Out-of-bounds Read vulnerability in multiple products
A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. 		5.5
5.5
2021-05-13 CVE-2021-31215 SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
network
low complexity
schedmd fedoraproject debian
8.8
8.8
2021-05-12 CVE-2021-23134 Use After Free vulnerability in multiple products
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges.
local
low complexity
linux fedoraproject debian CWE-416
7.8
7.8