Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 33 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-41798
MediaWiki prior to 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.
Mediawiki Mediawiki
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv3
CVE-2021-41799
MediaWiki prior to 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan.
Mediawiki Mediawiki
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5.3
CVSSv3
CVE-2021-41800
MediaWiki prior to 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled.
Mediawiki Mediawiki
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5.9
CVSSv3
CVE-2021-39358
In GNOME libgfbgraph up to and including 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
Gnome Libgfbgraph
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5.9
CVSSv3
CVE-2021-39360
In GNOME libzapojit up to and including 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
Gnome Libzapojit
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv3
CVE-2021-29424
The Net::Netmask module prior to 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
Net\\ \\ Netmask Project
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.5
CVSSv3
CVE-2021-30582
Inappropriate implementation in Animation in Google Chrome before 92.0.4515.107 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.5
CVSSv3
CVE-2021-30583
Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS before 92.0.4515.107 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.5
CVSSv3
CVE-2021-30584
Incorrect security UI in Downloads in Google Chrome on Android before 92.0.4515.107 allowed a remote malicious user to perform domain spoofing via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
8.8
CVSSv3
CVE-2021-30586
Use after free in dialog box handling in Windows in Google Chrome before 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »