Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-17 CVE-2021-39218 Wasmtime is an open source runtime for WebAssembly & WASI.
local
high complexity
bytecodealliance fedoraproject
6.3
6.3
2021-09-17 CVE-2021-39219 Wasmtime is an open source runtime for WebAssembly & WASI.
local
high complexity
bytecodealliance fedoraproject
6.3
6.3
2021-09-08 CVE-2021-22004 Race Condition vulnerability in multiple products
An issue was discovered in SaltStack Salt before 3003.3.
local
high complexity
saltstack fedoraproject CWE-362
6.4
6.4
2021-09-06 CVE-2021-40529 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
network
high complexity
botan-project fedoraproject mozilla CWE-327
5.9
5.9
2021-09-06 CVE-2021-40530 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
network
high complexity
cryptopp fedoraproject CWE-327
5.9
5.9
2021-09-03 CVE-2021-30615 Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
network
low complexity
fedoraproject microsoft
6.5
6.5
2021-09-03 CVE-2021-30617 Chromium: CVE-2021-30617 Policy bypass in Blink
network
low complexity
fedoraproject microsoft
6.5
6.5
2021-09-03 CVE-2021-30619 Authentication Bypass by Spoofing vulnerability in multiple products
Chromium: CVE-2021-30619 UI Spoofing in Autofill
network
low complexity
fedoraproject microsoft CWE-290
6.5
6.5
2021-09-03 CVE-2021-30621 Authentication Bypass by Spoofing vulnerability in multiple products
Chromium: CVE-2021-30621 UI Spoofing in Autofill
network
low complexity
fedoraproject microsoft CWE-290
6.5
6.5
2021-09-03 CVE-2021-39191 mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
low complexity
openidc fedoraproject debian
6.1
6.1