Fedoraproject: >> Fedora >> 32 Security Vulnerabilities
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
CVSS Score
5.5
EPSS Score
0.006
Published
2021-04-26
CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Known exploited
CVSS Score
8.8
EPSS Score
0.928
Published
2021-04-26
Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.012
Published
2021-04-26
Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.004
Published
2021-04-26
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVSS Score
9.6
EPSS Score
0.016
Published
2021-04-26
CVE-2021-21224
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Known exploited
CVSS Score
8.8
EPSS Score
0.667
Published
2021-04-26
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.02
Published
2021-04-26
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVSS Score
9.6
EPSS Score
0.013
Published
2021-04-26
A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-04-26
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-04-26