Vulnerabilities > Fedoraproject > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-17 | CVE-2021-26932 | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. | 5.5 |
| 2021-02-17 | CVE-2021-26931 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. | 5.5 |
| 2021-02-15 | CVE-2021-23336 | HTTP Request Smuggling vulnerability in multiple products The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. | 5.9 |
| 2021-02-11 | CVE-2021-22881 | Open Redirect vulnerability in multiple products The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. | 6.1 |
| 2021-02-09 | CVE-2021-21147 | Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2021-02-09 | CVE-2021-26925 | Cross-site Scripting vulnerability in multiple products Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering. | 5.4 |
| 2021-02-08 | CVE-2020-36151 | Out-of-bounds Write vulnerability in multiple products Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block. | 6.5 |
| 2021-02-08 | CVE-2020-36150 | Out-of-bounds Read vulnerability in multiple products Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block. | 6.5 |
| 2021-02-08 | CVE-2020-36149 | NULL Pointer Dereference vulnerability in multiple products Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. | 6.5 |
| 2021-02-08 | CVE-2020-36148 | NULL Pointer Dereference vulnerability in multiple products Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. | 6.5 |