Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2021-39149 XStream is a simple library to serialize objects to XML and back again. 8.5
8.5
2021-08-23 CVE-2021-39151 XStream is a simple library to serialize objects to XML and back again. 8.5
8.5
2021-08-23 CVE-2021-39153 XStream is a simple library to serialize objects to XML and back again. 8.5
8.5
2021-08-23 CVE-2021-39154 XStream is a simple library to serialize objects to XML and back again. 8.5
8.5
2021-08-18 CVE-2021-25218 Reachable Assertion vulnerability in multiple products
In BIND 9.16.19, 9.17.16.
network
low complexity
isc fedoraproject CWE-617
7.5
7.5
2021-08-17 CVE-2021-39240 An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject
7.5
7.5
2021-08-17 CVE-2021-39242 Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject CWE-755
7.5
7.5
2021-08-16 CVE-2021-33193 A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning.
network
low complexity
apache fedoraproject tenable oracle
7.5
7.5
2021-08-12 CVE-2021-38604 NULL Pointer Dereference vulnerability in multiple products
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference.
network
low complexity
gnu fedoraproject oracle CWE-476
7.5
7.5
2021-08-12 CVE-2021-38593 Out-of-bounds Write vulnerability in multiple products
Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).
network
low complexity
qt fedoraproject CWE-787
7.5
7.5