Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-04	CVE-2021-32672	Out-of-bounds Read vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. network low complexity redis redhat debian fedoraproject netapp oracle CWE-125	4.3
2021-09-29	CVE-2021-22947	Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. network high complexity haxx fedoraproject debian netapp oracle siemens apple splunk CWE-345	5.9
2021-09-17	CVE-2021-39218	Free of Memory not on the Heap vulnerability in multiple products Wasmtime is an open source runtime for WebAssembly & WASI. local high complexity bytecodealliance fedoraproject CWE-590	6.3
2021-09-17	CVE-2021-39216	Use After Free vulnerability in multiple products Wasmtime is an open source runtime for WebAssembly & WASI. local high complexity bytecodealliance fedoraproject CWE-416	6.3
2021-09-17	CVE-2021-39219	Type Confusion vulnerability in multiple products Wasmtime is an open source runtime for WebAssembly & WASI. local high complexity bytecodealliance fedoraproject CWE-843	6.3
2021-09-08	CVE-2021-22004	Race Condition vulnerability in multiple products An issue was discovered in SaltStack Salt before 3003.3. local high complexity saltstack fedoraproject CWE-362	6.4
2021-09-06	CVE-2021-40529	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. network high complexity botan-project fedoraproject mozilla CWE-327	5.9
2021-09-06	CVE-2021-40530	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. network high complexity cryptopp fedoraproject CWE-327	5.9
2021-09-03	CVE-2021-30615	Chromium: CVE-2021-30615 Cross-origin data leak in Navigation network low complexity fedoraproject microsoft	6.5
2021-09-03	CVE-2021-30617	Chromium: CVE-2021-30617 Policy bypass in Blink network low complexity fedoraproject microsoft	6.5