Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 33 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-30630
Inappropriate implementation in Blink in Google Chrome before 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 35
8.8
CVSSv3
CVE-2021-30632
Out of bounds write in V8 in Google Chrome before 93.0.4577.82 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 35
2 Github repositories
1 Article
8.8
CVSSv3
CVE-2020-35654
In Pillow prior to 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
Python Pillow
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5.4
CVSSv3
CVE-2020-35655
In Pillow prior to 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
Python Pillow
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2020-26890
Matrix Synapse prior to 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote malicious users to execute a denial of service attack against the federation and common Matrix clients. If such a malformed ...
Matrix Synapse
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.2
CVSSv3
CVE-2021-42382
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
Busybox Busybox
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.2
CVSSv3
CVE-2021-42385
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
Busybox Busybox
Fedoraproject Fedora 33
Fedoraproject Fedora 34
8.8
CVSSv3
CVE-2020-13671
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 ver...
Drupal Drupal
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5.3
CVSSv3
CVE-2021-32062
MapServer prior to 7.0.8, 7.1.x and 7.2.x prior to 7.2.3, 7.3.x and 7.4.x prior to 7.4.5, and 7.5.x and 7.6.x prior to 7.6.3 does not properly enforce the MS_MAP_NO_PATH and MS_MAP_PATTERN restrictions that are intended to control the locations from which a mapfile may be loaded ...
Osgeo Mapserver
Fedoraproject Fedora 33
Fedoraproject Fedora 34
9.4
CVSSv3
CVE-2021-32642
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports. Missing input validation in radsecproxy's `naptr-eduroam.sh` and `radsec-dynsrv.sh` scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Use...
Uninett Radsecproxy
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-0557
injection
adifier system
denial of service
unauthorized
CVE-2024-55591
CVE-2025-0282
CVE-2024-49354
CVE-2025-21651
CVE-2025-21644
ultimate member – user profile, registration, login, member directory, content restriction & membership plugin
eteubert
tduck-platform
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »