Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 33 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2021-30597
Use after free in Browser UI in Google Chrome on Chrome before 92.0.4515.131 allowed a remote malicious user to potentially exploit heap corruption via physical access to the device.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5
CVSSv2
CVE-2021-29424
The Net::Netmask module prior to 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
Net\\ \\ Netmask Project
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2021-39272
Fetchmail prior to 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
Fetchmail Fetchmail
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
4.3
CVSSv2
CVE-2021-39358
In GNOME libgfbgraph up to and including 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
Gnome Libgfbgraph
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
4.3
CVSSv2
CVE-2021-39360
In GNOME libzapojit up to and including 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
Gnome Libzapojit
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
3.5
CVSSv2
CVE-2021-20280
Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle prior to 3.10.2, 3.9.5, 3.8.8, 3.5.17.
Moodle Moodle
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2021-41800
MediaWiki prior to 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled.
Mediawiki Mediawiki
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv2
CVE-2021-31800
Multiple path traversal vulnerabilities exist in smbserver.py in Impacket up to and including 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary...
Secureauth Impacket
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
5
CVSSv2
CVE-2021-29063
A Regular Expression Denial of Service (ReDOS) vulnerability exists in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.
Mpmath Mpmath
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5
CVSSv2
CVE-2021-27923
Pillow prior to 8.1.1 allows malicious users to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.
Python Pillow
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »