Vulnerabilities > Fedoraproject > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-11 | CVE-2021-28878 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. | 7.5 |
| 2021-04-09 | CVE-2021-21199 | Use After Free vulnerability in multiple products Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-04-09 | CVE-2021-21198 | Out-of-bounds Read vulnerability in multiple products Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 7.4 |
| 2021-04-09 | CVE-2021-21197 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-04-09 | CVE-2021-21196 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-04-09 | CVE-2021-21195 | Use After Free vulnerability in multiple products Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-04-09 | CVE-2021-21194 | Use After Free vulnerability in multiple products Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-04-08 | CVE-2021-29154 | Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. | 7.8 |
| 2021-04-07 | CVE-2021-30184 | Classic Buffer Overflow vulnerability in multiple products GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. | 7.8 |
| 2021-04-06 | CVE-2021-29424 | Incorrect Type Conversion or Cast vulnerability in multiple products The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses. | 7.5 |