Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  >> 32  Security Vulnerabilities
CVE-2021-21192
Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.015
Published
2021-03-16
CVE-2021-21193
Known exploited
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.126
Published
2021-03-16
CVE-2021-21191
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.01
Published
2021-03-16
CVE-2021-20279
The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVSS Score
5.4
EPSS Score
0.006
Published
2021-03-15
CVE-2021-20280
Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVSS Score
5.4
EPSS Score
0.007
Published
2021-03-15
CVE-2021-20281
It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVSS Score
5.3
EPSS Score
0.004
Published
2021-03-15
CVE-2021-20282
When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVSS Score
5.3
EPSS Score
0.003
Published
2021-03-15
CVE-2021-20283
The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CVSS Score
4.3
EPSS Score
0.003
Published
2021-03-15
CVE-2021-20179
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-03-15
CVE-2021-28375
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-03-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved