Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-03 CVE-2021-30577 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file.
local
low complexity
google fedoraproject CWE-732
7.8
7.8
2021-08-03 CVE-2021-30578 Use of Uninitialized Resource vulnerability in multiple products
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google fedoraproject CWE-908
8.8
8.8
2021-08-03 CVE-2021-30579 Use After Free vulnerability in multiple products
Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30581 Use After Free vulnerability in multiple products
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30585 Use After Free vulnerability in multiple products
Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30586 Use After Free vulnerability in multiple products
Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2021-08-03 CVE-2021-30588 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2021-08-02 CVE-2021-3673 Unchecked Return Value vulnerability in multiple products
A vulnerability was found in Radare2 in version 5.3.1.
network
low complexity
radare fedoraproject CWE-252
7.5
7.5
2021-07-30 CVE-2021-32610 Link Following vulnerability in multiple products
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
local
low complexity
php debian fedoraproject CWE-59
7.1
7.1
2021-07-30 CVE-2021-36386 Missing Initialization of Resource vulnerability in multiple products
report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages.
network
low complexity
fetchmail fedoraproject CWE-909
7.5
7.5