Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2020-35522

  • EPSS 0.04%
  • Published 09.03.2021 20:15:12
  • Last modified 21.11.2024 05:27:29

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

7.1

CVE-2021-20244

  • EPSS 0.13%
  • Published 09.03.2021 19:15:12
  • Last modified 21.11.2024 05:46:12

A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability ...

7.1

CVE-2021-20245

  • EPSS 0.17%
  • Published 09.03.2021 19:15:12
  • Last modified 21.11.2024 05:46:12

A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system a...

7.1

CVE-2021-20246

  • EPSS 0.18%
  • Published 09.03.2021 19:15:12
  • Last modified 21.11.2024 05:46:12

A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to ...

6.5

CVE-2021-21176

Exploit
  • EPSS 0.97%
  • Published 09.03.2021 18:15:17
  • Last modified 21.11.2024 05:47:42

Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5

CVE-2021-21177

Exploit
  • EPSS 1.39%
  • Published 09.03.2021 18:15:17
  • Last modified 21.11.2024 05:47:43

Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5

CVE-2021-21178

  • EPSS 0.97%
  • Published 09.03.2021 18:15:17
  • Last modified 21.11.2024 05:47:43

Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

8.8

CVE-2021-21179

Exploit
  • EPSS 1.28%
  • Published 09.03.2021 18:15:17
  • Last modified 21.11.2024 05:47:43

Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2021-21180

Exploit
  • EPSS 1.28%
  • Published 09.03.2021 18:15:17
  • Last modified 21.11.2024 05:47:43

Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5

CVE-2021-21181

  • EPSS 1.36%
  • Published 09.03.2021 18:15:17
  • Last modified 21.11.2024 05:47:43

Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.