Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2021-03-09 CVE-2021-28116 Out-of-bounds Read vulnerability in multiple products
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data.
network
low complexity
squid-cache fedoraproject debian CWE-125
5.3
5.3
2021-03-09 CVE-2021-21300 Link Following vulnerability in multiple products
Git is an open-source distributed revision control system.
network
high complexity
git-scm fedoraproject apple debian CWE-59
7.5
7.5
2021-03-09 CVE-2020-35524 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. 		7.8
7.8
2021-03-09 CVE-2020-35522 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c.
local
low complexity
libtiff netapp fedoraproject redhat CWE-119
5.5
5.5
2021-03-09 CVE-2020-35521 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in libtiff.
local
low complexity
libtiff redhat fedoraproject netapp CWE-119
5.5
5.5
2021-03-09 CVE-2021-20246 A flaw was found in ImageMagick in MagickCore/resample.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-20245 A flaw was found in ImageMagick in coders/webp.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-20244 A flaw was found in ImageMagick in MagickCore/visual-effects.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-21190 Use of Uninitialized Resource vulnerability in multiple products
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
network
low complexity
google fedoraproject debian CWE-908
8.8
8.8
2021-03-09 CVE-2021-21189 Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3