Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-27 CVE-2021-28652 Memory Leak vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian fedoraproject CWE-401
4.9
4.9
2021-05-27 CVE-2021-28662 Improper Encoding or Escaping of Output vulnerability in multiple products
An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian fedoraproject CWE-116
6.5
6.5
2021-05-27 CVE-2021-30501 Reachable Assertion vulnerability in multiple products
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0.
local
low complexity
upx-project redhat fedoraproject CWE-617
5.5
5.5
2021-05-26 CVE-2021-30469 Use After Free vulnerability in multiple products
A flaw was found in PoDoFo 0.9.7. 		5.5
5.5
2021-05-26 CVE-2021-30470 Uncontrolled Recursion vulnerability in multiple products
A flaw was found in PoDoFo 0.9.7. 		5.5
5.5
2021-05-26 CVE-2021-30471 Uncontrolled Recursion vulnerability in multiple products
A flaw was found in PoDoFo 0.9.7. 		5.5
5.5
2021-05-26 CVE-2021-20297 Improper Input Validation vulnerability in multiple products
A flaw was found in NetworkManager in versions before 1.30.0.
local
low complexity
gnome redhat fedoraproject CWE-20
5.5
5.5
2021-05-26 CVE-2021-20178 A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module.
local
low complexity
redhat fedoraproject
5.5
5.5
2021-05-26 CVE-2020-25673 A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
local
low complexity
linux fedoraproject netapp
5.5
5.5
2021-05-26 CVE-2021-31924 Improper Authentication vulnerability in multiple products
Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass.
low complexity
yubico fedoraproject CWE-287
6.8
6.8