Vulnerabilities > Fedoraproject > Fedora > 34
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-30 | CVE-2021-21228 | Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | 4.3 |
2021-04-30 | CVE-2021-21233 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-21232 | Use After Free vulnerability in multiple products Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-21231 | Out-of-bounds Write vulnerability in multiple products Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-21230 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-29464 | Out-of-bounds Write vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 7.8 |
2021-04-30 | CVE-2021-29463 | Out-of-bounds Read vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.5 |
2021-04-30 | CVE-2021-20266 | Out-of-bounds Read vulnerability in multiple products A flaw was found in RPM's hdrblobInit() in lib/header.c. | 4.9 |
2021-04-29 | CVE-2020-15225 | Incorrect Conversion between Numeric Types vulnerability in multiple products django-filter is a generic system for filtering Django QuerySets based on user selections. | 6.5 |
2021-04-29 | CVE-2020-18032 | Classic Buffer Overflow vulnerability in multiple products Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. | 7.8 |