Vulnerabilities > Fedoraproject > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-02 | CVE-2019-12067 | NULL Pointer Dereference vulnerability in multiple products The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null. | 6.5 |
| 2021-06-02 | CVE-2021-28675 | Unchecked Return Value vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. | 5.5 |
| 2021-06-02 | CVE-2020-35503 | A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. | 6.0 |
| 2021-06-01 | CVE-2021-3543 | Use After Free vulnerability in multiple products A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. | 6.7 |
| 2021-05-28 | CVE-2021-33620 | Improper Input Validation vulnerability in multiple products Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. | 6.5 |
| 2021-05-28 | CVE-2020-35504 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. | 6.0 |
| 2021-05-28 | CVE-2021-20292 | There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. | 6.7 |
| 2021-05-27 | CVE-2021-31808 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. | 6.5 |
| 2021-05-27 | CVE-2021-31525 | Uncontrolled Recursion vulnerability in multiple products net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. | 5.9 |
| 2021-05-27 | CVE-2021-31806 | Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. | 6.5 |