Vulnerabilities > Fedoraproject > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-30473 Release of Invalid Pointer or Reference vulnerability in multiple products
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.
network
low complexity
aomedia fedoraproject CWE-763
critical
 9.8
9.8
2021-05-05 CVE-2021-31800 Path Traversal vulnerability in multiple products
Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22.
network
low complexity
secureauth fedoraproject CWE-22
critical
 9.8
9.8
2021-04-26 CVE-2021-21226 Use After Free vulnerability in multiple products
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
critical
 9.6
9.6
2021-04-26 CVE-2021-21201 Use After Free vulnerability in multiple products
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
critical
 9.6
9.6
2021-04-26 CVE-2021-21223 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
 9.6
9.6
2021-04-14 CVE-2021-31162 Double Free vulnerability in multiple products
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
network
low complexity
rust-lang fedoraproject CWE-415
critical
 9.8
9.8
2021-04-11 CVE-2021-28879 Integer Overflow or Wraparound vulnerability in multiple products
In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow.
network
low complexity
rust-lang fedoraproject CWE-190
critical
 9.8
9.8
2021-04-05 CVE-2021-20307 Use of Externally-Controlled Format String vulnerability in multiple products
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values.
network
low complexity
libpano13-project fedoraproject debian CWE-134
critical
 9.8
9.8
2021-04-02 CVE-2021-1871 A logic issue was addressed with improved restrictions.
network
low complexity
apple debian fedoraproject
critical
 9.8
9.8
2021-04-02 CVE-2021-1870 A logic issue was addressed with improved restrictions.
network
low complexity
apple webkitgtk fedoraproject
critical
 9.8
9.8