Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  Security Vulnerabilities
CVE-2021-4186
Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVSS Score
6.3
EPSS Score
0.001
Published
2021-12-30
CVE-2021-4190
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file
CVSS Score
7.5
EPSS Score
0.001
Published
2021-12-30
CVE-2021-23727
This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or somehow manipulate the metadata within a celery backend, they could trigger a stored command injection vulnerability and potentially gain further access to the system.
CVSS Score
7.5
EPSS Score
0.011
Published
2021-12-29
CVE-2021-4187
vim is vulnerable to Use After Free
CVSS Score
6.8
EPSS Score
0.003
Published
2021-12-29
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
CVSS Score
6.6
EPSS Score
0.536
Published
2021-12-28
CVE-2021-4173
vim is vulnerable to Use After Free
CVSS Score
6.8
EPSS Score
0.003
Published
2021-12-27
CVE-2021-4166
vim is vulnerable to Out-of-bounds Read
CVSS Score
7.1
EPSS Score
0.004
Published
2021-12-25
CVE-2021-45471
In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items.
CVSS Score
5.3
EPSS Score
0.003
Published
2021-12-24
CVE-2021-45472
In MediaWiki through 1.37, XSS can occur in Wikibase because an external identifier property can have a URL format that includes a $1 formatter substitution marker, and the javascript: URL scheme (among others) can be used.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-12-24
CVE-2021-45473
In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to an action=info URL (aka a page-information sidebar).
CVSS Score
6.1
EPSS Score
0.003
Published
2021-12-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved