Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2021-02-11 CVE-2019-19004 Integer Overflow or Wraparound vulnerability in multiple products
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
local
low complexity
autotrace-project fedoraproject CWE-190
3.3
3.3
2021-02-11 CVE-2021-22881 Open Redirect vulnerability in multiple products
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability.
network
low complexity
rubyonrails fedoraproject CWE-601
6.1
6.1
2021-02-11 CVE-2021-22880 Resource Exhaustion vulnerability in multiple products
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability.
network
low complexity
rubyonrails fedoraproject CWE-400
7.5
7.5
2021-02-11 CVE-2020-35498 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in openvswitch.
network
low complexity
openvswitch debian fedoraproject CWE-400
7.5
7.5
2021-02-10 CVE-2020-13578 NULL Pointer Dereference vulnerability in multiple products
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107.
network
low complexity
genivia fedoraproject CWE-476
7.5
7.5
2021-02-10 CVE-2020-13577 NULL Pointer Dereference vulnerability in multiple products
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107.
network
low complexity
genivia fedoraproject CWE-476
7.5
7.5
2021-02-10 CVE-2020-13576 Integer Overflow or Wraparound vulnerability in multiple products
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107.
network
low complexity
genivia fedoraproject CWE-190
critical
 9.8
9.8
2021-02-10 CVE-2020-13575 NULL Pointer Dereference vulnerability in multiple products
A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107.
network
low complexity
genivia fedoraproject CWE-476
7.5
7.5
2021-02-10 CVE-2020-13574 NULL Pointer Dereference vulnerability in multiple products
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107.
network
low complexity
genivia fedoraproject CWE-476
7.5
7.5
2021-02-10 CVE-2021-0326 Out-of-bounds Write vulnerability in multiple products
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. 		7.5
7.5