Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-13 CVE-2021-32919 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in Prosody before 0.11.9.
network
low complexity
prosody debian fedoraproject CWE-295
7.5
7.5
2021-05-13 CVE-2021-32920 Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.
network
low complexity
prosody debian fedoraproject
7.5
7.5
2021-05-13 CVE-2020-27823 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in OpenJPEG’s encoder.
local
low complexity
uclouvain fedoraproject debian CWE-120
7.8
7.8
2021-05-13 CVE-2021-31215 SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
network
low complexity
schedmd fedoraproject debian
8.8
8.8
2021-05-12 CVE-2020-27840 A flaw was found in samba.
network
low complexity
samba debian fedoraproject
7.5
7.5
2021-05-12 CVE-2021-20277 Out-of-bounds Write vulnerability in multiple products
A flaw was found in Samba's libldb.
network
low complexity
samba debian fedoraproject CWE-787
7.5
7.5
2021-05-11 CVE-2021-32606 Use After Free vulnerability in multiple products
In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free.
local
low complexity
linux fedoraproject CWE-416
7.8
7.8
2021-05-06 CVE-2021-3501 A flaw was found in the Linux kernel in versions before 5.12.
local
low complexity
linux redhat fedoraproject netapp
7.1
7.1
2021-05-05 CVE-2021-31542 Path Traversal vulnerability in multiple products
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.
network
low complexity
djangoproject debian fedoraproject CWE-22
7.5
7.5
2021-05-04 CVE-2021-29478 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
8.8