Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Fedoraproject Subscribe
Filtered by product Fedora
Total 5316 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-30887 3 Apple, Debian, Fedoraproject 7 Ipados, Iphone Os, Macos and 4 more 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.
CVE-2021-30539 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 5.8 MEDIUM 5.4 MEDIUM
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2021-30553 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30620 2 Fedoraproject, Microsoft 3 Fedora, Edge, Edge Chromium 2023-11-07 6.8 MEDIUM 8.8 HIGH
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
CVE-2021-30622 2 Fedoraproject, Microsoft 3 Fedora, Edge, Edge Chromium 2023-11-07 6.8 MEDIUM 8.8 HIGH
Chromium: CVE-2021-30622 Use after free in WebApp Installs
CVE-2021-30600 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30515 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30569 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30630 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVE-2021-30611 2 Fedoraproject, Microsoft 3 Fedora, Edge, Edge Chromium 2023-11-07 6.8 MEDIUM 8.8 HIGH
Chromium: CVE-2021-30611 Use after free in WebRTC
CVE-2021-30540 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2021-30846 3 Apple, Debian, Fedoraproject 8 Ipados, Iphone Os, Macos and 5 more 2023-11-07 6.8 MEDIUM 7.8 HIGH
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30538 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2021-30625 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30545 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30523 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.
CVE-2021-30591 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30465 2 Fedoraproject, Linuxfoundation 2 Fedora, Runc 2023-11-07 6.0 MEDIUM 8.5 HIGH
runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.
CVE-2021-30601 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30508 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in Media Feeds in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption via a crafted HTML page.