12.2.1

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-20	CVE-2021-44790	Out-of-bounds Write vulnerability in multiple products A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). network low complexity apache fedoraproject debian tenable netapp oracle apple CWE-787 critical	9.8
2021-12-19	CVE-2021-4136	Heap-based Buffer Overflow vulnerability in multiple products vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject apple CWE-122	7.8
2021-09-29	CVE-2021-22946	Cleartext Transmission of Sensitive Information vulnerability in multiple products A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). network low complexity haxx debian fedoraproject netapp oracle apple siemens splunk CWE-319	7.5
2021-09-29	CVE-2021-22947	Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. network high complexity haxx fedoraproject debian netapp oracle siemens apple splunk CWE-345	5.9
2021-09-23	CVE-2021-22945	Double Free vulnerability in multiple products When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again. network low complexity haxx fedoraproject netapp oracle apple siemens debian splunk CWE-415 critical	9.1
2021-08-24	CVE-2021-30977	Classic Buffer Overflow vulnerability in Apple mac OS X and Macos A buffer overflow was addressed with improved bounds checking. local low complexity apple CWE-120	7.8
2021-08-24	CVE-2021-30918	Unspecified vulnerability in Apple products A Lock Screen issue was addressed with improved state management. low complexity apple	2.4
2021-08-24	CVE-2021-36690	A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. network low complexity sqlite oracle apple	7.5
2021-07-20	CVE-2021-36976	Use After Free vulnerability in multiple products libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). network low complexity libarchive fedoraproject apple splunk CWE-416	6.5