VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Fedoraproject
> Critical
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-03-25
CVE-2020-1946
OS Command Injection vulnerability in multiple products
In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors.
network
low complexity
apache
debian
fedoraproject
CWE-78
critical
9.8
9.8
2021-03-23
CVE-2021-21351
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.1
9.1
2021-03-23
CVE-2021-21350
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21347
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21346
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21345
OS Command Injection vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-78
critical
9.9
9.9
2021-03-23
CVE-2021-21344
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21342
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.1
9.1
2021-03-19
CVE-2019-10196
A flaw was found in http-proxy-agent, prior to version 2.1.0.
network
low complexity
http-proxy-agent-project
fedoraproject
redhat
critical
9.8
9.8
2021-03-19
CVE-2021-28834
Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated.
network
low complexity
kramdown-project
fedoraproject
debian
critical
9.8
9.8
«
Previous
1
2
...
18
19
20
(current)
21
22
...
47
48
»
Next