Vulnerabilities > Fedoraproject > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-05 | CVE-2021-31542 | Path Traversal vulnerability in multiple products In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names. | 7.5 |
2021-05-04 | CVE-2021-29478 | Integer Overflow or Wraparound vulnerability in multiple products Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. | 8.8 |
2021-05-04 | CVE-2021-29477 | Integer Overflow or Wraparound vulnerability in multiple products Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. | 8.8 |
2021-04-30 | CVE-2021-21227 | Out-of-bounds Write vulnerability in multiple products Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-21233 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-21232 | Use After Free vulnerability in multiple products Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-21231 | Out-of-bounds Write vulnerability in multiple products Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-21230 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2021-04-30 | CVE-2021-29464 | Out-of-bounds Write vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 7.8 |
2021-04-29 | CVE-2020-18032 | Classic Buffer Overflow vulnerability in multiple products Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. | 7.8 |