Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-07	CVE-2021-30534	Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google fedoraproject CWE-863	6.5
2021-06-07	CVE-2021-30537	Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in cookies in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass cookie policy via a crafted HTML page. network low complexity google fedoraproject CWE-863	4.3
2021-06-07	CVE-2021-30538	Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google fedoraproject CWE-863	4.3
2021-06-07	CVE-2021-30539	Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google fedoraproject CWE-863	5.4
2021-06-07	CVE-2021-30540	Injection vulnerability in multiple products Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google fedoraproject CWE-74	6.5
2021-06-07	CVE-2021-33896	Path Traversal vulnerability in multiple products Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators. network low complexity dino fedoraproject CWE-22	5.3
2021-06-04	CVE-2021-3565	Use of Hard-coded Credentials vulnerability in multiple products A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. network high complexity tpm2-tools-project redhat fedoraproject CWE-798	5.9
2021-06-02	CVE-2021-28678	Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. local low complexity python fedoraproject CWE-345	5.5
2021-06-02	CVE-2019-12067	NULL Pointer Dereference vulnerability in multiple products The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null. local low complexity qemu debian fedoraproject redhat CWE-476	6.5
2021-06-02	CVE-2021-28675	Unchecked Return Value vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. local low complexity python fedoraproject CWE-252	5.5