Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-01	CVE-2021-45930	Out-of-bounds Write vulnerability in multiple products Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect). local low complexity qt fedoraproject debian CWE-787	5.5
2022-01-01	CVE-2021-45942	Out-of-bounds Write vulnerability in multiple products OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). local low complexity openexr fedoraproject debian CWE-787	5.5
2022-01-01	CVE-2021-45943	Out-of-bounds Write vulnerability in multiple products GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). local low complexity osgeo debian fedoraproject oracle CWE-787	5.5
2022-01-01	CVE-2021-45944	Use After Free vulnerability in multiple products Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). local low complexity artifex debian CWE-416	5.5
2022-01-01	CVE-2021-45949	Out-of-bounds Write vulnerability in multiple products Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). local low complexity artifex debian CWE-787	5.5
2022-01-01	CVE-2021-45958	Out-of-bounds Write vulnerability in multiple products UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). local low complexity ultrajson-project debian fedoraproject CWE-787	5.5
2021-12-31	CVE-2021-4193	Out-of-bounds Read vulnerability in multiple products vim is vulnerable to Out-of-bounds Read local low complexity vim fedoraproject debian apple CWE-125	5.5
2021-12-28	CVE-2021-44832	Improper Input Validation vulnerability in multiple products Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. network high complexity apache oracle cisco fedoraproject debian CWE-20	6.6
2021-12-28	CVE-2021-45909	Out-of-bounds Write vulnerability in multiple products An issue was discovered in gif2apng 1.9. network gif2apng-project debian CWE-787	6.8
2021-12-28	CVE-2021-45910	Out-of-bounds Write vulnerability in multiple products An issue was discovered in gif2apng 1.9. network gif2apng-project debian CWE-787	6.8