Vulnerabilities > Fedoraproject > Fedora > 34
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-03 | CVE-2021-30586 | Use After Free vulnerability in multiple products Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-08-03 | CVE-2021-30587 | Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
2021-08-03 | CVE-2021-30588 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-08-03 | CVE-2021-30589 | Improper Encoding or Escaping of Output vulnerability in multiple products Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link. | 4.3 |
2021-08-02 | CVE-2021-32810 | Race Condition vulnerability in multiple products crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. | 9.8 |
2021-08-02 | CVE-2021-3673 | Unchecked Return Value vulnerability in multiple products A vulnerability was found in Radare2 in version 5.3.1. | 7.5 |
2021-08-02 | CVE-2021-34556 | Information Exposure Through Discrepancy vulnerability in multiple products In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. | 5.5 |
2021-08-02 | CVE-2021-35477 | Information Exposure Through Discrepancy vulnerability in multiple products In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. | 5.5 |
2021-07-30 | CVE-2021-37746 | Open Redirect vulnerability in multiple products textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click. | 6.1 |
2021-07-30 | CVE-2021-32610 | Link Following vulnerability in multiple products In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193. | 7.1 |