High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-16	CVE-2021-22940	Use After Free vulnerability in multiple products Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. network low complexity nodejs oracle netapp siemens debian CWE-416	7.5
2021-08-12	CVE-2021-38291	Reachable Assertion vulnerability in multiple products FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. network low complexity ffmpeg debian CWE-617	7.5
2021-08-10	CVE-2020-21688	Use After Free vulnerability in multiple products A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code. network low complexity ffmpeg debian CWE-416	8.8
2021-08-07	CVE-2021-38166	Integer Overflow or Wraparound vulnerability in multiple products In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. local low complexity linux fedoraproject debian CWE-190	7.8
2021-08-07	CVE-2021-38160	Classic Buffer Overflow vulnerability in multiple products In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. local low complexity linux netapp debian redhat CWE-120	7.8
2021-08-05	CVE-2021-3580	A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. network low complexity nettle-project redhat debian netapp	7.5
2021-08-05	CVE-2021-3682	A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. network high complexity qemu redhat debian	8.5
2021-08-03	CVE-2021-30560	Use After Free vulnerability in multiple products Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google xmlsoft debian splunk CWE-416	8.8
2021-08-02	CVE-2021-33196	Improper Input Validation vulnerability in multiple products In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic. network low complexity golang debian CWE-20	7.5
2021-07-30	CVE-2021-31799	OS Command Injection vulnerability in multiple products In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via \| and tags in a filename. local high complexity debian ruby-lang oracle CWE-78	7.0