Vulnerabilities > Fedoraproject > Fedora > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-20204 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases.
network
low complexity
getdata-project debian fedoraproject CWE-119
critical
 9.8
9.8
2021-05-05 CVE-2021-31800 Path Traversal vulnerability in multiple products
Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22.
network
low complexity
secureauth fedoraproject CWE-22
critical
 9.8
9.8
2021-04-26 CVE-2021-21223 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
 9.6
9.6
2021-04-26 CVE-2021-21201 Use After Free vulnerability in multiple products
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
critical
 9.6
9.6
2021-04-26 CVE-2021-21226 Use After Free vulnerability in multiple products
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
critical
 9.6
9.6
2021-04-14 CVE-2021-31162 Double Free vulnerability in multiple products
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
network
low complexity
rust-lang fedoraproject CWE-415
critical
 9.8
9.8
2021-04-11 CVE-2021-28879 Integer Overflow or Wraparound vulnerability in multiple products
In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow.
network
low complexity
rust-lang fedoraproject CWE-190
critical
 9.8
9.8
2021-04-05 CVE-2021-20307 Use of Externally-Controlled Format String vulnerability in multiple products
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values.
network
low complexity
libpano13-project fedoraproject debian CWE-134
critical
 9.8
9.8
2021-04-02 CVE-2021-1870 A logic issue was addressed with improved restrictions.
network
low complexity
apple webkitgtk fedoraproject
critical
 9.8
9.8
2021-04-02 CVE-2021-1871 A logic issue was addressed with improved restrictions.
network
low complexity
apple debian fedoraproject
critical
 9.8
9.8