High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-02	CVE-2021-37988	Use After Free vulnerability in multiple products Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian CWE-416	8.8
2021-11-02	CVE-2021-37991	Race Condition vulnerability in multiple products Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network high complexity google debian CWE-362	7.5
2021-11-02	CVE-2021-37992	Out-of-bounds Read vulnerability in multiple products Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian CWE-125	8.8
2021-11-02	CVE-2021-37993	Use After Free vulnerability in multiple products Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian CWE-416	8.8
2021-11-02	CVE-2021-37977	Use After Free vulnerability in multiple products Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8
2021-11-02	CVE-2021-37978	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-787	8.8
2021-11-02	CVE-2021-37979	Out-of-bounds Write vulnerability in multiple products heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-787	8.8
2021-11-02	CVE-2021-37980	Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. network low complexity google fedoraproject debian	7.4
2021-10-27	CVE-2021-3903	vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian	7.8
2021-10-25	CVE-2021-21703	Out-of-bounds Write vulnerability in multiple products In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user. local high complexity php debian fedoraproject netapp oracle CWE-787	7.0