Vulnerabilities > Fedoraproject > Fedora > High

DATE CVE VULNERABILITY TITLE RISK
2021-11-02 CVE-2021-37979 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
2021-11-02 CVE-2021-37980
Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.
network
low complexity
google fedoraproject debian
7.4
2021-11-01 CVE-2021-42574 Code Injection vulnerability in multiple products
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0.
network
high complexity
unicode fedoraproject starwindsoftware CWE-94
8.3
2021-10-27 CVE-2021-3903 Heap-based Buffer Overflow vulnerability in multiple products
vim is vulnerable to Heap-based Buffer Overflow.
local
low complexity
vim fedoraproject debian CWE-122
7.8
2021-10-25 CVE-2021-21703 Out-of-bounds Write vulnerability in multiple products
In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.
local
high complexity
php debian fedoraproject netapp oracle CWE-787
7.0
2021-10-21 CVE-2021-41159 Out-of-bounds Write vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp fedoraproject CWE-787
8.8
2021-10-21 CVE-2021-41160 Out-of-bounds Write vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp fedoraproject CWE-787
8.8
2021-10-21 CVE-2021-42716 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in stb stb_image.h 2.27.
local
low complexity
nothings fedoraproject CWE-120
7.1
2021-10-20 CVE-2021-35610
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject
7.1
2021-10-19 CVE-2021-3746 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers.
7.1