Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-6802
In Mozilla Bleach prior to 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
Mozilla Bleach
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
2 Github repositories
9.8
CVSSv3
CVE-2022-24883
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might be successful for invalid credentials if the server has configured an invalid `SAM` file path. FreeRDP based clients are not affect...
Freerdp Freerdp
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
9.8
CVSSv3
CVE-2022-29502
SchedMD Slurm 21.08.x up to and including 20.11.x has Incorrect Access Control that leads to Escalation of Privileges.
Schedmd Slurm
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2021-27923
Pillow prior to 8.1.1 allows malicious users to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.
Python Pillow
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.8
CVSSv3
CVE-2022-26126
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c.
Frrouting Frrouting
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2021-29424
The Net::Netmask module prior to 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
Net\\ \\ Netmask Project
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
8.8
CVSSv3
CVE-2021-30576
Use after free in DevTools in Google Chrome before 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
8.8
CVSSv3
CVE-2021-30604
Use after free in ANGLE in Google Chrome before 92.0.4515.159 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5.5
CVSSv3
CVE-2022-30674
Adobe InDesign versions 16.4.2 (and previous versions) and 17.3 (and previous versions) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploit...
Adobe Indesign
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
8.8
CVSSv3
CVE-2021-41160
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the clie...
Freerdp Freerdp
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »