Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-13 CVE-2021-31215 SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
network
low complexity
schedmd fedoraproject debian
8.8
8.8
2021-05-12 CVE-2021-23134 Use After Free vulnerability in multiple products
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges.
local
low complexity
linux fedoraproject debian CWE-416
7.8
7.8
2021-05-12 CVE-2020-27840 Out-of-bounds Read vulnerability in multiple products
A flaw was found in samba.
network
low complexity
samba debian fedoraproject CWE-125
7.5
7.5
2021-05-12 CVE-2021-20277 Out-of-bounds Write vulnerability in multiple products
A flaw was found in Samba's libldb.
network
low complexity
samba debian fedoraproject CWE-787
7.5
7.5
2021-05-11 CVE-2021-32606 Use After Free vulnerability in multiple products
In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free.
local
low complexity
linux fedoraproject CWE-416
7.8
7.8
2021-05-11 CVE-2021-31204 .NET and Visual Studio Elevation of Privilege Vulnerability
local
low complexity
microsoft fedoraproject
7.3
7.3
2021-05-05 CVE-2021-31542 Path Traversal vulnerability in multiple products
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.
network
low complexity
djangoproject debian fedoraproject CWE-22
7.5
7.5
2021-05-04 CVE-2021-29478 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
8.8
2021-05-04 CVE-2021-29477 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
8.8
2021-04-30 CVE-2021-21227 Out-of-bounds Write vulnerability in multiple products
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
8.8