Skip to main content
CVE-2021-23437 HIGH POC PATCH This Week

The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Pillow Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
3.2%
CVE-2021-30624 HIGH PATCH This Week

Chromium: CVE-2021-30624 Use after free in Autofill. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30623 HIGH PATCH This Week

Chromium: CVE-2021-30623 Use after free in Bookmarks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2021-30622 HIGH PATCH This Week

Chromium: CVE-2021-30622 Use after free in WebApp Installs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30620 HIGH PATCH This Week

Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30618 HIGH PATCH This Week

Chromium: CVE-2021-30618 Inappropriate implementation in DevTools. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Information Disclosure Fedora Edge Edge Chromium
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30616 HIGH PATCH This Week

Chromium: CVE-2021-30616 Use after free in Media. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2021-30614 HIGH PATCH This Week

Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Google Fedora Edge +1
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2021-30613 HIGH PATCH This Week

Chromium: CVE-2021-30613 Use after free in Base internals. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30612 HIGH PATCH This Week

Chromium: CVE-2021-30612 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-30611 HIGH PATCH This Week

Chromium: CVE-2021-30611 Use after free in WebRTC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-30610 HIGH PATCH This Week

Chromium: CVE-2021-30610 Use after free in Extensions API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30609 HIGH PATCH This Week

Chromium: CVE-2021-30609 Use after free in Sign-In. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2021-30608 HIGH PATCH This Week

Chromium: CVE-2021-30608 Use after free in Web Share. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30607 HIGH PATCH This Week

Chromium: CVE-2021-30607 Use after free in Permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Fedora +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-30606 HIGH PATCH This Week

Chromium: CVE-2021-30606 Use after free in Blink. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Use After Free Denial Of Service Memory Corruption Google Edge +2
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2021-39192 HIGH PATCH This Week

Ghost is a Node.js content management system. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Node.js Information Disclosure Ghost
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-40490 HIGH PATCH This Week

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition Linux Kernel Fedora +14
NVD
CVSS 3.1
7.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy