High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-17	CVE-2021-4009	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. local low complexity x-org fedoraproject debian CWE-119	7.8
2021-12-17	CVE-2021-4010	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. local low complexity x-org fedoraproject debian CWE-119	7.8
2021-12-17	CVE-2021-4011	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. local low complexity x-org fedoraproject debian CWE-119	7.8
2021-12-15	CVE-2021-45078	Out-of-bounds Write vulnerability in multiple products stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. local low complexity gnu fedoraproject redhat debian netapp CWE-787	7.8
2021-12-13	CVE-2021-43818	Injection vulnerability in multiple products lxml is a library for processing XML and HTML in the Python language. network low complexity lxml fedoraproject debian netapp oracle CWE-74	7.1
2021-12-08	CVE-2021-38504	Use After Free vulnerability in multiple products When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. network low complexity mozilla debian CWE-416	8.8
2021-12-08	CVE-2021-43537	Incorrect Type Conversion or Cast vulnerability in multiple products An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. network low complexity mozilla debian CWE-704	8.8
2021-12-08	CVE-2021-43539	Use After Free vulnerability in multiple products Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. network low complexity mozilla debian CWE-416	8.8
2021-12-08	CVE-2021-44420	In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. network low complexity djangoproject redhat debian canonical fedoraproject	7.3
2021-12-06	CVE-2021-4069	Use After Free vulnerability in multiple products vim is vulnerable to Use After Free local low complexity vim fedoraproject debian CWE-416	7.8