Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Fedoraproject Subscribe
Total 4434 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-36278 4 Debian, Fedoraproject, Leptonica and 1 more 4 Debian Linux, Fedora, Leptonica and 1 more 2021-12-03 5.0 MEDIUM 7.5 HIGH
Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c.
CVE-2021-21170 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-21171 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2021-12-03 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-21169 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2021-21168 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2021-21159 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21166 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21167 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21164 4 Apple, Debian, Fedoraproject and 1 more 4 Iphone Os, Debian Linux, Fedora and 1 more 2021-12-03 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21160 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21161 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21179 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2021-12-03 6.8 MEDIUM 8.8 HIGH
Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21180 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21181 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 4.3 MEDIUM 6.5 MEDIUM
Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2021-21176 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-21174 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-21173 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 4.3 MEDIUM 6.5 MEDIUM
Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21163 4 Apple, Debian, Fedoraproject and 1 more 4 Iphone Os, Debian Linux, Fedora and 1 more 2021-12-03 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.
CVE-2021-21165 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21162 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-12-03 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.