Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5341 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-4190 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2025-11-03 | 7.5 High |
| Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2021-4186 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2025-11-03 | 6.3 Medium |
| Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2021-4185 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Http Server and 2 more | 2025-11-03 | 7.5 High |
| Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2021-4184 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Http Server and 2 more | 2025-11-03 | 7.5 High |
| Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2021-4182 | 3 Fedoraproject, Oracle, Wireshark | 4 Fedora, Http Server, Zfs Storage Appliance Kit and 1 more | 2025-11-03 | 7.5 High |
| Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2021-4181 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Http Server and 2 more | 2025-11-03 | 7.5 High |
| Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2021-43859 | 6 Debian, Fedoraproject, Jenkins and 3 more | 14 Debian Linux, Fedora, Jenkins and 11 more | 2025-11-03 | 7.5 High |
| XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. See GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not possible. | ||||
| CVE-2021-42782 | 2 Fedoraproject, Opensc Project | 2 Fedora, Opensc | 2025-11-03 | 5.3 Medium |
| Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library. | ||||
| CVE-2021-42781 | 3 Fedoraproject, Opensc Project, Redhat | 3 Fedora, Opensc, Enterprise Linux | 2025-11-03 | 5.3 Medium |
| Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. | ||||
| CVE-2021-42780 | 3 Fedoraproject, Opensc Project, Redhat | 3 Fedora, Opensc, Enterprise Linux | 2025-11-03 | 5.3 Medium |
| A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. | ||||
| CVE-2021-42779 | 3 Fedoraproject, Opensc Project, Redhat | 3 Fedora, Opensc, Enterprise Linux | 2025-11-03 | 5.3 Medium |
| A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. | ||||
| CVE-2021-42778 | 3 Fedoraproject, Opensc Project, Redhat | 3 Fedora, Opensc, Enterprise Linux | 2025-11-03 | 5.3 Medium |
| A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. | ||||
| CVE-2021-3733 | 4 Fedoraproject, Netapp, Python and 1 more | 21 Extra Packages For Enterprise Linux, Fedora, Hci Compute Node Firmware and 18 more | 2025-11-03 | 6.5 Medium |
| There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. | ||||
| CVE-2021-3669 | 5 Debian, Fedoraproject, Ibm and 2 more | 24 Debian Linux, Fedora, Spectrum Copy Data Management and 21 more | 2025-11-03 | 5.5 Medium |
| A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. | ||||
| CVE-2021-36976 | 4 Apple, Fedoraproject, Libarchive and 1 more | 7 Ipados, Iphone Os, Macos and 4 more | 2025-11-03 | 6.5 Medium |
| libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). | ||||
| CVE-2021-36770 | 3 Fedoraproject, P5-encode Project, Perl | 3 Fedora, P5-encode, Perl | 2025-11-03 | 7.8 High |
| Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value. | ||||
| CVE-2021-36087 | 3 Fedoraproject, Redhat, Selinux Project | 3 Fedora, Enterprise Linux, Selinux | 2025-11-03 | 3.3 Low |
| The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. | ||||
| CVE-2021-36086 | 3 Fedoraproject, Redhat, Selinux Project | 3 Fedora, Enterprise Linux, Selinux | 2025-11-03 | 3.3 Low |
| The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). | ||||
| CVE-2021-36085 | 3 Fedoraproject, Redhat, Selinux Project | 3 Fedora, Enterprise Linux, Selinux | 2025-11-03 | 3.3 Low |
| The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map). | ||||
| CVE-2021-36084 | 3 Fedoraproject, Redhat, Selinux Project | 3 Fedora, Enterprise Linux, Selinux | 2025-11-03 | 3.3 Low |
| The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper). | ||||