Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-01	CVE-2021-45942	Out-of-bounds Write vulnerability in multiple products OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). local low complexity openexr fedoraproject debian CWE-787	5.5
2022-01-01	CVE-2021-45943	Out-of-bounds Write vulnerability in multiple products GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). local low complexity osgeo debian fedoraproject oracle CWE-787	5.5
2022-01-01	CVE-2021-45944	Use After Free vulnerability in multiple products Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). local low complexity artifex debian CWE-416	5.5
2022-01-01	CVE-2021-45949	Out-of-bounds Write vulnerability in multiple products Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). local low complexity artifex debian CWE-787	5.5
2022-01-01	CVE-2021-45958	Out-of-bounds Write vulnerability in multiple products UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). local low complexity ultrajson-project debian fedoraproject CWE-787	5.5
2021-12-31	CVE-2021-4193	vim is vulnerable to Out-of-bounds Read local low complexity vim fedoraproject debian apple	5.5
2021-12-28	CVE-2021-44832	Improper Input Validation vulnerability in multiple products Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. network high complexity apache oracle cisco fedoraproject debian CWE-20	6.6
2021-12-24	CVE-2021-45480	Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.15.11. local low complexity linux debian CWE-401	5.5
2021-12-23	CVE-2021-38009	Information Exposure Through Discrepancy vulnerability in multiple products Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google fedoraproject debian CWE-203	6.5
2021-12-23	CVE-2021-38010	Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. network low complexity google fedoraproject debian	6.5