Vulnerabilities > Fedoraproject > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2021-38604 | NULL Pointer Dereference vulnerability in multiple products In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. | 7.5 |
| 2021-08-12 | CVE-2021-38593 | Out-of-bounds Write vulnerability in multiple products Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). | 7.5 |
| 2021-08-11 | CVE-2021-36770 | Uncontrolled Search Path Element vulnerability in multiple products Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. | 7.8 |
| 2021-08-11 | CVE-2021-0002 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure or denial of service via local access. | 7.1 |
| 2021-08-10 | CVE-2021-38512 | HTTP Request Smuggling vulnerability in multiple products An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. | 7.5 |
| 2021-08-07 | CVE-2021-38166 | Integer Overflow or Wraparound vulnerability in multiple products In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. | 7.8 |
| 2021-08-07 | CVE-2021-29923 | Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. | 7.5 |
| 2021-08-03 | CVE-2021-30565 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page. | 8.8 |
| 2021-08-03 | CVE-2021-30566 | Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page. | 8.8 |
| 2021-08-03 | CVE-2021-30567 | Use After Free vulnerability in multiple products Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture. | 8.8 |