Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-01	CVE-2020-28493	Resource Exhaustion vulnerability in multiple products This affects the package jinja2 from 0.0.0 and before 2.11.3. network low complexity palletsprojects fedoraproject CWE-400	5.3
2021-01-29	CVE-2021-3347	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.11. local low complexity linux debian fedoraproject CWE-416	7.8
2021-01-27	CVE-2021-3325	Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). network low complexity fibranet fedoraproject critical	9.8
2021-01-27	CVE-2021-3272	Out-of-bounds Read vulnerability in multiple products jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components. local low complexity jasper-project fedoraproject CWE-125	5.5
2021-01-26	CVE-2021-3156	Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193	7.8
2021-01-26	CVE-2021-3308	An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. local low complexity xen fedoraproject	5.5
2021-01-26	CVE-2021-3115	Uncontrolled Search Path Element vulnerability in multiple products Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). network high complexity golang fedoraproject netapp CWE-427	7.5
2021-01-26	CVE-2021-3114	Incorrect Calculation vulnerability in multiple products In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field. network low complexity golang fedoraproject debian netapp CWE-682	6.5
2021-01-20	CVE-2020-25687	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian CWE-122	5.9
2021-01-20	CVE-2020-25686	Improperly Implemented Security Check for Standard vulnerability in multiple products A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian arista CWE-358	3.7

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject