Vulnerabilities > Fedoraproject > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-07	CVE-2020-36314	Link Following vulnerability in multiple products fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. local low complexity gnome fedoraproject CWE-59	3.9
2021-04-02	CVE-2020-29623	"Clear History and Website Data" did not clear the history. local low complexity apple fedoraproject webkitgtk	3.3
2021-04-01	CVE-2021-22890	Authentication Bypass by Spoofing vulnerability in multiple products curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. network high complexity haxx fedoraproject netapp broadcom debian siemens oracle splunk CWE-290	3.7
2021-04-01	CVE-2021-28163	Link Following vulnerability in multiple products In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory. network low complexity eclipse fedoraproject apache netapp oracle CWE-59	2.7
2021-03-23	CVE-2021-3392	Use After Free vulnerability in multiple products A use-after-free flaw was found in the MegaRAID emulator of QEMU. local low complexity qemu fedoraproject debian CWE-416	3.2
2021-02-25	CVE-2021-20203	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. local low complexity qemu fedoraproject debian CWE-190	3.2
2021-02-24	CVE-2021-27645	Double Free vulnerability in multiple products The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. local high complexity gnu fedoraproject debian CWE-415	2.5
2021-02-11	CVE-2019-19004	Integer Overflow or Wraparound vulnerability in multiple products A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. local low complexity autotrace-project fedoraproject CWE-190	3.3
2021-01-20	CVE-2020-25686	A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian arista	3.7
2021-01-20	CVE-2020-25684	A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian arista	3.7