Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2021-04-09 CVE-2021-30156 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki fedoraproject CWE-732
4.0
2021-04-09 CVE-2021-30155 Missing Authorization vulnerability in multiple products
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki debian fedoraproject CWE-862
4.0
2021-04-09 CVE-2021-30152 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki debian fedoraproject CWE-732
4.0
2021-04-08 CVE-2021-3448 Improperly Implemented Security Check for Standard vulnerability in multiple products
A flaw was found in dnsmasq in versions before 2.85.
4.3
2021-04-08 CVE-2021-29154 Command Injection vulnerability in multiple products
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context.
local
low complexity
linux fedoraproject CWE-77
7.2
2021-04-07 CVE-2021-30184 Classic Buffer Overflow vulnerability in multiple products
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data.
6.8
2021-04-07 CVE-2021-30178 Null Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.11.
local
low complexity
linux fedoraproject CWE-476
2.1
2021-04-06 CVE-2021-29424 Incorrect Authorization vulnerability in multiple products
The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
network
low complexity
net fedoraproject CWE-863
5.0
2021-04-06 CVE-2021-30158 Improper Authentication vulnerability in multiple products
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki debian fedoraproject CWE-287
5.0
2021-04-06 CVE-2021-30157 Cross-Site Scripting vulnerability in multiple products
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.
4.3