Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-09 | CVE-2021-21195 | Use After Free vulnerability in multiple products Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-04-09 | CVE-2021-21194 | Use After Free vulnerability in multiple products Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-04-08 | CVE-2021-29154 | Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. | 7.8 |
| 2021-04-07 | CVE-2021-30184 | Classic Buffer Overflow vulnerability in multiple products GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. | 7.8 |
| 2021-04-06 | CVE-2021-29424 | Incorrect Type Conversion or Cast vulnerability in multiple products The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses. | 7.5 |
| 2021-04-05 | CVE-2021-20305 | Out-of-bounds Write vulnerability in multiple products A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. | 8.1 |
| 2021-04-02 | CVE-2021-1844 | Out-of-bounds Write vulnerability in multiple products A memory corruption issue was addressed with improved validation. | 8.8 |
| 2021-04-02 | CVE-2021-1789 | Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved state handling. | 8.8 |
| 2021-04-02 | CVE-2021-1788 | Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. | 8.8 |
| 2021-04-01 | CVE-2021-29421 | XXE vulnerability in multiple products models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XXE when parsing XMP metadata entries. | 7.5 |