Fedoraproject: >> Fedora >> 33 Security Vulnerabilities
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.032
Published
2020-11-03
Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.014
Published
2020-11-03
Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.014
Published
2020-11-03
WordPress before 5.5.2 allows stored XSS via post slugs.
CVSS Score
6.1
EPSS Score
0.103
Published
2020-11-02
In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.
CVSS Score
7.5
EPSS Score
0.011
Published
2020-11-02
WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.
CVSS Score
9.8
EPSS Score
0.477
Published
2020-11-02
WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-11-02
WordPress before 5.5.2 allows XSS associated with global variables.
CVSS Score
6.1
EPSS Score
0.014
Published
2020-11-02
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
CVSS Score
9.8
EPSS Score
0.044
Published
2020-11-02
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
CVSS Score
9.8
EPSS Score
0.048
Published
2020-11-02