High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-11	CVE-2021-42260	Infinite Loop vulnerability in multiple products TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. network low complexity tinyxml-project debian CWE-835	7.5
2021-10-11	CVE-2021-25633	Improper Certificate Validation vulnerability in multiple products LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. network low complexity libreoffice debian CWE-295	7.5
2021-10-08	CVE-2021-37956	Use After Free vulnerability in multiple products Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8
2021-10-08	CVE-2021-37957	Use After Free vulnerability in multiple products Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8
2021-10-08	CVE-2021-37959	Use After Free vulnerability in multiple products Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8
2021-10-08	CVE-2021-37961	Use After Free vulnerability in multiple products Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8
2021-10-08	CVE-2021-37962	Use After Free vulnerability in multiple products Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8
2021-10-08	CVE-2021-37969	Link Following vulnerability in multiple products Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. local low complexity google fedoraproject debian CWE-59	7.8
2021-10-08	CVE-2021-37970	Use After Free vulnerability in multiple products Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8
2021-10-08	CVE-2021-37972	Out-of-bounds Read vulnerability in multiple products Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-125	8.8