High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-16	CVE-2021-45098	An issue was discovered in Suricata before 6.0.4. network low complexity oisf debian	7.5
2021-12-15	CVE-2021-45078	Out-of-bounds Write vulnerability in multiple products stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. local low complexity gnu fedoraproject redhat debian netapp CWE-787	7.8
2021-12-13	CVE-2021-43818	lxml is a library for processing XML and HTML in the Python language. network low complexity lxml fedoraproject debian netapp oracle	7.1
2021-12-08	CVE-2021-38504	Use After Free vulnerability in multiple products When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. network low complexity mozilla debian CWE-416	8.8
2021-12-08	CVE-2021-43534	Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. network low complexity mozilla debian CWE-787	8.8
2021-12-08	CVE-2021-43535	Use After Free vulnerability in multiple products A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. network low complexity mozilla debian CWE-416	8.8
2021-12-08	CVE-2021-43537	Incorrect Type Conversion or Cast vulnerability in multiple products An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. network low complexity mozilla debian CWE-704	8.8
2021-12-08	CVE-2021-43539	Use After Free vulnerability in multiple products Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. network low complexity mozilla debian CWE-416	8.8
2021-12-08	CVE-2021-44420	In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. network low complexity djangoproject redhat debian canonical fedoraproject	7.3
2021-12-07	CVE-2021-42717	Uncontrolled Recursion vulnerability in multiple products ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. network low complexity trustwave f5 debian oracle CWE-674	7.5