Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-02	CVE-2021-43267	Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. network low complexity linux fedoraproject netapp CWE-1284 critical	9.8
2021-10-29	CVE-2021-3756	Out-of-bounds Write vulnerability in multiple products libmysofa is vulnerable to Heap-based Buffer Overflow network low complexity symonics fedoraproject CWE-787 critical	9.8
2021-10-18	CVE-2021-38297	Classic Buffer Overflow vulnerability in multiple products Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. network low complexity golang fedoraproject CWE-120 critical	9.8
2021-10-08	CVE-2021-37973	Use After Free vulnerability in multiple products Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject debian CWE-416 critical	9.6
2021-10-08	CVE-2021-30633	Use After Free vulnerability in multiple products Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject CWE-416 critical	9.6
2021-10-07	CVE-2021-42013	It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. network low complexity apache fedoraproject oracle netapp critical	9.8
2021-09-23	CVE-2021-22945	Double Free vulnerability in multiple products When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again. network low complexity haxx fedoraproject netapp oracle apple siemens debian splunk CWE-415 critical	9.1
2021-09-16	CVE-2021-39275	Out-of-bounds Write vulnerability in multiple products ap_escape_quotes() may write beyond the end of a buffer when given malicious input. network low complexity apache fedoraproject debian netapp oracle siemens CWE-787 critical	9.8
2021-09-16	CVE-2021-40438	Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. network high complexity apache fedoraproject debian netapp broadcom f5 oracle siemens tenable CWE-918 critical	9.0
2021-08-12	CVE-2021-31556	Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. network low complexity mediawiki fedoraproject CWE-1284 critical	9.8