Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-08	CVE-2021-37967	Origin Validation Error vulnerability in multiple products Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. network low complexity google fedoraproject debian CWE-346	4.3
2021-10-08	CVE-2021-37968	Information Exposure Through Discrepancy vulnerability in multiple products Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google fedoraproject debian CWE-203	4.3
2021-10-08	CVE-2021-37971	Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google fedoraproject debian CWE-1021	4.3
2021-10-08	CVE-2021-37976	Missing Authorization vulnerability in multiple products Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google fedoraproject debian CWE-862	6.5
2021-10-06	CVE-2021-41125	Insufficiently Protected Credentials vulnerability in multiple products Scrapy is a high-level web crawling and scraping framework for Python. network low complexity scrapy debian CWE-522	6.5
2021-10-04	CVE-2021-32672	Out-of-bounds Read vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. network low complexity redis redhat debian fedoraproject netapp oracle CWE-125	4.3
2021-09-29	CVE-2021-22947	Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. network high complexity haxx fedoraproject debian netapp oracle siemens apple splunk CWE-345	5.9
2021-09-27	CVE-2021-20317	A flaw was found in the Linux kernel. local low complexity linux debian	4.4
2021-09-20	CVE-2021-32276	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in faad2 through 2.10.0. local low complexity faad2-project debian CWE-476	5.5
2021-09-20	CVE-2021-32280	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in fig2dev before 3.2.8.. local low complexity xfig-project debian CWE-476	5.5