Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-22 | CVE-2021-21155 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2021-02-22 | CVE-2021-21154 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2021-02-22 | CVE-2021-21153 | Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
| 2021-02-22 | CVE-2021-21152 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-02-22 | CVE-2021-21151 | Use After Free vulnerability in multiple products Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2021-02-22 | CVE-2021-21150 | Use After Free vulnerability in multiple products Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2021-02-22 | CVE-2021-21149 | Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | 8.8 |
| 2021-02-18 | CVE-2020-28463 | Server-Side Request Forgery (SSRF) vulnerability in multiple products All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. | 6.5 |
| 2021-02-17 | CVE-2020-8625 | Classic Buffer Overflow vulnerability in multiple products BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. | 8.1 |
| 2021-02-17 | CVE-2021-22174 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | 7.5 |