Vulnerabilities > Fedoraproject > Fedora > 35

DATE CVE VULNERABILITY TITLE RISK
2021-08-07 CVE-2021-38173 Command Injection vulnerability in multiple products
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
network
low complexity
digint debian fedoraproject CWE-77
critical
 9.8
9.8
2021-08-07 CVE-2021-38165 Insufficiently Protected Credentials vulnerability in multiple products
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
network
high complexity
lynx-project debian fedoraproject CWE-522
5.3
5.3
2021-08-03 CVE-2021-30565 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2021-08-03 CVE-2021-30566 Out-of-bounds Write vulnerability in multiple products
Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2021-08-03 CVE-2021-30567 Use After Free vulnerability in multiple products
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30568 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2021-08-03 CVE-2021-30569 Use After Free vulnerability in multiple products
Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30571 Incorrect Authorization vulnerability in multiple products
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-863
critical
 9.6
9.6
2021-08-03 CVE-2021-30572 Use After Free vulnerability in multiple products
Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30573 Use After Free vulnerability in multiple products
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8