The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Fedora

Xen: information disclosure via Uncleaned ARM Cache
An attacker, inside a guest system, can bypass access restrictions to data via Uncleaned ARM Cache of Xen, in order to obtain sensitive information on the host system...
CERTFR-2021-AVI-123, CVE-2021-26933, FEDORA-2021-47f53a940a, FEDORA-2021-4c819bf1ad, VIGILANCE-VUL-34592, XSA-364
Xen, Linux: security improvement via Display Frontend Be-alloc
The security of Xen was improved because Display Frontend Be-alloc is unsupported...
CVE-2021-26934, FEDORA-2021-47f53a940a, FEDORA-2021-4c819bf1ad, VIGILANCE-VUL-34591, XSA-363
Jasper: NULL pointer dereference via jp2_decode
An attacker can force a NULL pointer to be dereferenced via jp2_decode() of Jasper, in order to trigger a denial of service...
CVE-2021-26927, FEDORA-2021-0c18ee6369, FEDORA-2021-7716e59d84, VIGILANCE-VUL-34574
CPU-X: security improvement
The security of CPU-X was improved...
FEDORA-2021-9b7b3599be, VIGILANCE-VUL-34349
zypper: information disclosure via Logged HTTP Proxy Credentials
An attacker can bypass access restrictions to data via Logged HTTP Proxy Credentials of zypper, in order to obtain sensitive information...
CVE-2017-9271, FEDORA-2021-ebc1c35c5d, openSUSE-SU-2021:0059-1, SUSE-SU-2021:0109-1, VIGILANCE-VUL-34308
binutils: NULL pointer dereference via bfd_pef_scan_start_address
An attacker can force a NULL pointer to be dereferenced via bfd_pef_scan_start_address() of binutils, in order to trigger a denial of service...
CVE-2020-35496, FEDORA-2020-28c78a6ac3, VIGILANCE-VUL-34255
binutils: NULL pointer dereference via bfd_pef_parse_symbols
An attacker can force a NULL pointer to be dereferenced via bfd_pef_parse_symbols() of binutils, in order to trigger a denial of service...
CVE-2020-35495, FEDORA-2020-28c78a6ac3, VIGILANCE-VUL-34254
binutils: information disclosure via tic4x_print_cond
A local attacker can read a memory fragment via tic4x_print_cond() of binutils, in order to obtain sensitive information...
CVE-2020-35494, FEDORA-2020-28c78a6ac3, VIGILANCE-VUL-34253
Dovecot: denial of service via MIME Parsing
An attacker can trigger a fatal error via MIME Parsing of Dovecot, in order to trigger a denial of service...
CVE-2020-25275, DLA-2517-1, DSA-4825-1, FEDORA-2021-c90cb486f7, openSUSE-SU-2021:0026-1, openSUSE-SU-2021:0072-1, SUSE-SU-2021:0027-1, SUSE-SU-2021:0028-1, SUSE-SU-2021:0029-1, USN-4674-1, USN-4674-2, VIGILANCE-VUL-34233
RoundCube: Cross Site Scripting via Message Content
An attacker can trigger a Cross Site Scripting via Message Content of RoundCube, in order to run JavaScript code in the context of the web site...
CVE-2020-35730, DLA-2508-1, DSA-4821-1, FEDORA-2021-2cb0643316, FEDORA-2021-73359af51c, VIGILANCE-VUL-34214
Our database contains other pages. You can request a free trial to read them.

Display information about Fedora: