Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5116 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-30540 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 6.5 Medium |
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | ||||
CVE-2021-30516 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Heap buffer overflow in History in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30501 | 3 Fedoraproject, Redhat, Upx Project | 3 Fedora, Enterprise Linux, Upx | 2024-08-03 | 5.5 Medium |
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file. | ||||
CVE-2021-30521 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-08-03 | 8.8 High |
Heap buffer overflow in Autofill in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | ||||
CVE-2021-30533 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 6.5 Medium |
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe. | ||||
CVE-2021-30548 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30532 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 4.3 Medium |
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. | ||||
CVE-2021-30513 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30509 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page and a crafted Chrome extension. | ||||
CVE-2021-30469 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2024-08-03 | 5.5 Medium |
A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. | ||||
CVE-2021-30528 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-08-03 | 8.8 High |
Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30506 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-08-03 | 8.8 High |
Incorrect security UI in Web App Installs in Google Chrome on Android prior to 90.0.4430.212 allowed an attacker who convinced a user to install a web application to inject scripts or HTML into a privileged page via a crafted HTML page. | ||||
CVE-2021-30514 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30524 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30475 | 2 Aomedia, Fedoraproject | 2 Aomedia, Fedora | 2024-08-03 | 9.8 Critical |
aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. | ||||
CVE-2021-30529 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30530 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Out of bounds memory access in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | ||||
CVE-2021-30553 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30518 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Heap buffer overflow in Reader Mode in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2021-30517 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-08-03 | 8.8 High |
Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |