Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 33 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-29157
Dovecot prior to 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.
Dovecot Dovecot
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2021-21419
Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts web...
Eventlet Eventlet
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2021-21424
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch user...
Sensiolabs Symfony
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4
CVSSv2
CVE-2020-15117
In Synergy before version 1.12.0, a Synergy server can be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff (4294967295) if the servers memory is less than 4 GB. It was verified that this issue does not cause a crash through the exception han...
Symless Synergy
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5
CVSSv2
CVE-2013-7488
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) up to and including 0.27 allows remote malicious users to cause an infinite loop via unexpected input.
Convert\\ \\ Asn1 Project
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5
CVSSv2
CVE-2020-36280
Leptonica prior to 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c.
Leptonica Leptonica
Fedoraproject Fedora 32
Fedoraproject Fedora 33
4.3
CVSSv2
CVE-2021-32613
In radare2 up to and including 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.
Radare Radare2
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2021-32617
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm (quadratic complexity) was found in Exiv2 versions v0.27.3 and previous versions. The inefficient algorithm is triggered when Exiv2 ...
Exiv2 Exiv2
Fedoraproject Fedora 33
Fedoraproject Fedora 34
9.3
CVSSv2
CVE-2021-32708
Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions are: A user is allo...
Thephpleague Flysystem
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
4
CVSSv2
CVE-2020-28200
The Sieve engine in Dovecot prior to 2.3.15 allows Uncontrolled Resource Consumption, as demonstrated by a situation with a complex regular expression for the regex extension.
Dovecot Dovecot
Fedoraproject Fedora 33
Fedoraproject Fedora 34
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »