Fedoraproject

Fedora

5335 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2021-39241

  • EPSS 0.44%
  • Veröffentlicht 17.08.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:59

An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource. It is possible that a server would interpret this ...

7.5

CVE-2021-39242

  • EPSS 0.47%
  • Veröffentlicht 17.08.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:59

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.

7.5

CVE-2021-33193

Exploit
  • EPSS 0.94%
  • Veröffentlicht 16.08.2021 08:15:11
  • Zuletzt bearbeitet 01.05.2025 15:40:12

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

6.9

CVE-2021-3573

Exploit
  • EPSS 0.03%
  • Veröffentlicht 13.08.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:52

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_bl...

4.9

CVE-2021-3635

  • EPSS 0.15%
  • Veröffentlicht 13.08.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:22:02

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.

5.4

CVE-2021-37695

  • EPSS 0.48%
  • Veröffentlicht 13.08.2021 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:15:43

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed F...

9.8

CVE-2021-31556

  • EPSS 0.66%
  • Veröffentlicht 12.08.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:54

An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.

5.4

CVE-2021-32808

  • EPSS 1.44%
  • Veröffentlicht 12.08.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malform...

5.4

CVE-2021-32809

  • EPSS 0.21%
  • Veröffentlicht 12.08.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](https://ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to abuse paste functionali...

7.5

CVE-2021-38604

Exploit
  • EPSS 0.1%
  • Veröffentlicht 12.08.2021 16:15:10
  • Zuletzt bearbeitet 30.05.2025 19:15:26

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 ...