Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Fedoraproject Subscribe
Total 5385 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-30591 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30465 2 Fedoraproject, Linuxfoundation 2 Fedora, Runc 2023-11-07 6.0 MEDIUM 8.5 HIGH
runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.
CVE-2021-30601 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30508 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in Media Feeds in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30534 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-30552 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30588 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30524 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30521 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in Autofill in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
CVE-2021-30544 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30585 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30607 2 Fedoraproject, Microsoft 3 Fedora, Edge, Edge Chromium 2023-11-07 6.8 MEDIUM 8.8 HIGH
Chromium: CVE-2021-30607 Use after free in Permissions
CVE-2021-30565 3 Fedoraproject, Google, Linux 4 Fedora, Chrome, Chrome Os and 1 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.
CVE-2021-30612 2 Fedoraproject, Microsoft 3 Fedora, Edge, Edge Chromium 2023-11-07 6.8 MEDIUM 8.8 HIGH
Chromium: CVE-2021-30612 Use after free in WebRTC
CVE-2021-30555 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture.
CVE-2021-30623 2 Fedoraproject, Microsoft 3 Fedora, Edge, Edge Chromium 2023-11-07 6.8 MEDIUM 8.8 HIGH
Chromium: CVE-2021-30623 Use after free in Bookmarks
CVE-2021-30542 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30178 2 Fedoraproject, Linux 2 Fedora, Linux Kernel 2023-11-07 2.1 LOW 5.5 MEDIUM
An issue was discovered in the Linux kernel through 5.11.11. synic_get in arch/x86/kvm/hyperv.c has a NULL pointer dereference for certain accesses to the SynIC Hyper-V context, aka CID-919f4ebc5987.
CVE-2021-30573 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30567 2 Fedoraproject, Google 2 Fedora, Chrome 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.