Total
4506 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30529 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30528 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30527 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebUI in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30525 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30524 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30523 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. | |||||
| CVE-2021-30522 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30520 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30519 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30515 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30514 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30512 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30510 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Aura in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-29117 | 1 Esri | 1 Arcreader | 2023-11-07 | N/A | 7.8 HIGH |
| A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. | |||||
| CVE-2021-28553 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-23134 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. | |||||
| CVE-2021-21900 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Libdxfrw | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21779 | 3 Debian, Fedoraproject, Webkitgtk | 3 Debian Linux, Fedora, Webkitgtk | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. | |||||
| CVE-2021-21775 | 3 Debian, Fedoraproject, Webkitgtk | 3 Debian Linux, Fedora, Webkitgtk | 2023-11-07 | 6.0 MEDIUM | 8.0 HIGH |
| A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. | |||||
| CVE-2021-21772 | 3 3mf, Debian, Fedoraproject | 3 Lib3mf, Debian Linux, Fedora | 2023-11-07 | 6.8 MEDIUM | 8.1 HIGH |
| A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||