Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 34 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-41160
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the clie...
Freerdp Freerdp
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
4.3
CVSSv2
CVE-2022-24737
HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. prior to 3.1.0, HTTPie didn‘t distinguish...
Httpie Httpie
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5
CVSSv2
CVE-2022-24778
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function `CheckAuthorization` is supposed to check whether t...
Linuxfoundation Imgcrypt
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv2
CVE-2021-31556
An issue exists in the Oauth extension for MediaWiki up to and including 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.
Mediawiki Mediawiki
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
4.6
CVSSv2
CVE-2021-31607
In SaltStack Salt 2016.9 up to and including 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master...
Saltstack Salt
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.8
CVSSv2
CVE-2022-26126
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.
Frrouting Frrouting
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.5
CVSSv2
CVE-2020-35701
An issue exists in Cacti 1.2.x up to and including 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated malicious users to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution.
Cacti Cacti
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
2.6
CVSSv2
CVE-2021-40530
The ElGamal implementation in Crypto++ up to and including 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver&...
Cryptopp Crypto\\+\\+
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.8
CVSSv2
CVE-2021-21206
Use after free in Blink in Google Chrome before 89.0.4389.128 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.8
CVSSv2
CVE-2021-30542
Use after free in Tab Strip in Google Chrome before 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »