Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-02	CVE-2021-37995	Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google debian	6.5
2021-11-02	CVE-2021-37996	Improper Input Validation vulnerability in multiple products Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. local low complexity google debian CWE-20	5.5
2021-10-27	CVE-2021-25219	In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. network low complexity isc debian fedoraproject netapp siemens oracle	5.3
2021-10-26	CVE-2021-41182	jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp debian drupal oracle tenable	6.1
2021-10-26	CVE-2021-41183	jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp debian drupal oracle tenable	6.1
2021-10-21	CVE-2021-42715	Infinite Loop vulnerability in multiple products An issue was discovered in stb stb_image.h 1.33 through 2.27. local low complexity nothings fedoraproject debian CWE-835	5.5
2021-10-21	CVE-2021-42096	Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products GNU Mailman before 2.1.35 may allow remote Privilege Escalation. network low complexity gnu debian CWE-307	4.3
2021-10-20	CVE-2021-42762	BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. local low complexity webkitgtk wpewebkit fedoraproject debian	5.3
2021-10-20	CVE-2021-42739	Out-of-bounds Write vulnerability in multiple products The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. local low complexity linux fedoraproject debian starwindsoftware oracle CWE-787	6.7
2021-10-12	CVE-2021-42326	Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter. network low complexity redmine debian	5.3