Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-09 | CVE-2021-21144 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | 8.8 |
| 2021-02-09 | CVE-2021-21143 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | 8.8 |
| 2021-02-09 | CVE-2021-21142 | Use After Free vulnerability in multiple products Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2021-02-09 | CVE-2021-26925 | Cross-site Scripting vulnerability in multiple products Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering. | 5.4 |
| 2021-02-08 | CVE-2020-36152 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA. | 8.8 |
| 2021-02-08 | CVE-2020-36151 | Out-of-bounds Write vulnerability in multiple products Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block. | 6.5 |
| 2021-02-08 | CVE-2020-36150 | Out-of-bounds Read vulnerability in multiple products Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block. | 6.5 |
| 2021-02-08 | CVE-2020-36149 | NULL Pointer Dereference vulnerability in multiple products Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. | 6.5 |
| 2021-02-08 | CVE-2020-36148 | NULL Pointer Dereference vulnerability in multiple products Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. | 6.5 |
| 2021-02-07 | CVE-2020-36242 | Integer Overflow or Wraparound vulnerability in multiple products In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class. | 9.1 |