Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-03 CVE-2021-30581 Use After Free vulnerability in multiple products
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30585 Use After Free vulnerability in multiple products
Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30586 Use After Free vulnerability in multiple products
Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30588 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2021-08-02 CVE-2021-3673 Unchecked Return Value vulnerability in multiple products
A vulnerability was found in Radare2 in version 5.3.1.
network
low complexity
radare fedoraproject CWE-252
7.5
7.5
2021-07-30 CVE-2021-32610 Link Following vulnerability in multiple products
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
local
low complexity
php debian fedoraproject CWE-59
7.1
7.1
2021-07-30 CVE-2021-36386 Missing Initialization of Resource vulnerability in multiple products
report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages.
network
low complexity
fetchmail fedoraproject CWE-909
7.5
7.5
2021-07-26 CVE-2021-37576 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
local
low complexity
linux fedoraproject CWE-787
7.8
7.8
2021-07-26 CVE-2021-31292 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.
network
low complexity
exiv2 debian fedoraproject CWE-190
7.5
7.5
2021-07-22 CVE-2021-35063 Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion."
network
low complexity
oisf debian fedoraproject
7.5
7.5