Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-09 | CVE-2021-21168 | Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2021-03-09 | CVE-2021-21164 | Origin Validation Error vulnerability in multiple products Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2021-03-09 | CVE-2021-21163 | Origin Validation Error vulnerability in multiple products Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server. | 6.5 |
| 2021-03-08 | CVE-2021-23351 | The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1() function. | 4.9 |
| 2021-03-04 | CVE-2020-25639 | A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. | 4.4 |
| 2021-03-03 | CVE-2021-22878 | Cross-site Scripting vulnerability in multiple products Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`. | 4.8 |
| 2021-03-03 | CVE-2021-22877 | Missing Authorization vulnerability in multiple products A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet. | 6.5 |
| 2021-03-03 | CVE-2020-8296 | Weak Password Requirements vulnerability in multiple products Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured. | 6.7 |
| 2021-03-03 | CVE-2020-28591 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. | 6.5 |
| 2021-03-03 | CVE-2021-20225 | Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. | 6.7 |