Vulnerabilities > Fedoraproject
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-02 | CVE-2021-30556 | Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-07-02 | CVE-2021-30557 | Use After Free vulnerability in multiple products Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-07-02 | CVE-2021-35197 | Incorrect Authorization vulnerability in multiple products In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. | 7.5 |
2021-07-02 | CVE-2021-35042 | SQL Injection vulnerability in multiple products Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application. | 9.8 |
2021-07-01 | CVE-2021-36084 | Use After Free vulnerability in multiple products The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper). | 3.3 |
2021-07-01 | CVE-2021-36085 | Use After Free vulnerability in multiple products The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map). | 3.3 |
2021-07-01 | CVE-2021-36086 | Use After Free vulnerability in multiple products The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). | 3.3 |
2021-07-01 | CVE-2021-36087 | Out-of-bounds Read vulnerability in multiple products The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). | 3.3 |
2021-06-30 | CVE-2021-3630 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. | 5.5 |
2021-06-29 | CVE-2021-33503 | Resource Exhaustion vulnerability in multiple products An issue was discovered in urllib3 before 1.26.5. | 7.5 |