High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-27	CVE-2021-3903	vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian	7.8
2021-10-25	CVE-2021-21703	Out-of-bounds Write vulnerability in multiple products In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user. local high complexity php debian fedoraproject netapp oracle CWE-787	7.0
2021-10-21	CVE-2021-41159	Out-of-bounds Write vulnerability in multiple products FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. network low complexity freerdp fedoraproject CWE-787	8.8
2021-10-21	CVE-2021-41160	Out-of-bounds Write vulnerability in multiple products FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. network low complexity freerdp fedoraproject CWE-787	8.8
2021-10-21	CVE-2021-42716	Classic Buffer Overflow vulnerability in multiple products An issue was discovered in stb stb_image.h 2.27. local low complexity nothings fedoraproject CWE-120	7.1
2021-10-19	CVE-2021-30846	Out-of-bounds Write vulnerability in multiple products A memory corruption issue was addressed with improved memory handling. local low complexity apple debian fedoraproject CWE-787	7.8
2021-10-19	CVE-2021-3872	vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian	7.8
2021-10-18	CVE-2021-41990	Integer Overflow or Wraparound vulnerability in multiple products The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. network low complexity strongswan debian fedoraproject siemens CWE-190	7.5
2021-10-18	CVE-2021-41991	Integer Overflow or Wraparound vulnerability in multiple products The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. network low complexity strongswan debian fedoraproject siemens CWE-190	7.5
2021-10-18	CVE-2021-38562	Information Exposure Through Discrepancy vulnerability in multiple products Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm. network low complexity bestpractical fedoraproject debian CWE-203	7.5