Vulnerabilities > Fedoraproject > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-26 | CVE-2021-21223 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2021-04-14 | CVE-2021-31162 | Double Free vulnerability in multiple products In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. | 9.8 |
| 2021-04-11 | CVE-2021-28879 | Integer Overflow or Wraparound vulnerability in multiple products In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. | 9.8 |
| 2021-04-05 | CVE-2021-20307 | Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. | 9.8 |
| 2021-04-02 | CVE-2021-1871 | A logic issue was addressed with improved restrictions. | 9.8 |
| 2021-04-02 | CVE-2021-1870 | A logic issue was addressed with improved restrictions. | 9.8 |
| 2021-03-25 | CVE-2021-3466 | A flaw was found in libmicrohttpd. | 9.8 |
| 2021-03-25 | CVE-2020-1946 | OS Command Injection vulnerability in multiple products In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. | 9.8 |
| 2021-03-23 | CVE-2021-21351 | XStream is a Java library to serialize objects to XML and back again. | 9.1 |
| 2021-03-23 | CVE-2021-21350 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |