Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-02-24 | CVE-2021-27645 | The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c. | Fedora, Glibc | 2.5 | ||
2021-02-26 | CVE-2021-27803 | A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range. | Debian_linux, Fedora, Wpa_supplicant | 7.5 | ||
2021-03-17 | CVE-2021-27291 | In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service. | Debian_linux, Fedora, Pygments | 7.5 | ||
2022-03-11 | CVE-2022-0860 | Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. | Cobbler, Fedora | 9.1 | ||
2022-03-17 | CVE-2022-24302 | In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. | Debian_linux, Fedora, Paramiko | 5.9 | ||
2021-03-03 | CVE-2021-26813 | markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time. | Fedora, Markdown2 | 7.5 | ||
2021-03-23 | CVE-2021-21341 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required... | Debian_linux, Fedora, Banking_enterprise_default_management, Banking_platform, Banking_virtual_account_management, Business_activity_monitoring, Communications_billing_and_revenue_management_elastic_charging_engine, Communications_policy_management, Communications_unified_inventory_management, Graalvm, Java_se, Jdk, Retail_xstore_point_of_service, Webcenter_portal, Xstream | 7.5 | ||
2022-03-04 | CVE-2021-3744 | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. | Debian_linux, Fedora, Linux_kernel | 5.5 | ||
2022-05-10 | CVE-2022-29117 | .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145. | Fedora, \.net, \.net_core, Visual_studio_2019, Visual_studio_2022 | 7.5 | ||
2022-05-12 | CVE-2022-1674 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. | Fedora, Vim | 5.5 |