Vulnerabilities > Fedoraproject > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-19 | CVE-2020-25097 | HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. | 8.6 |
| 2021-03-18 | CVE-2020-26797 | Out-of-bounds Write vulnerability in multiple products Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping. | 7.5 |
| 2021-03-18 | CVE-2020-27827 | A flaw was found in multiple versions of OpenvSwitch. | 7.5 |
| 2021-03-17 | CVE-2021-28660 | Out-of-bounds Write vulnerability in multiple products rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. | 8.8 |
| 2021-03-17 | CVE-2021-27291 | In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. | 7.5 |
| 2021-03-16 | CVE-2021-28543 | Reachable Assertion vulnerability in multiple products Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. | 7.5 |
| 2021-03-16 | CVE-2021-21193 | Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-03-16 | CVE-2021-21192 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-03-16 | CVE-2021-21191 | Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-03-15 | CVE-2021-20179 | A flaw was found in pki-core. | 8.1 |