High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-04	CVE-2021-30518	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Reader Mode in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-787	8.8
2021-06-04	CVE-2021-30519	Use After Free vulnerability in multiple products Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2021-06-04	CVE-2021-30520	Use After Free vulnerability in multiple products Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2021-06-04	CVE-2021-28091	Improper Verification of Cryptographic Signature vulnerability in multiple products Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. network low complexity entrouvert debian fedoraproject CWE-347	7.5
2021-06-02	CVE-2021-32625	Integer Overflow or Wraparound vulnerability in multiple products Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. network low complexity redislabs fedoraproject CWE-190	8.8
2021-06-02	CVE-2021-28676	Infinite Loop vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. network low complexity python fedoraproject CWE-835	7.5
2021-06-02	CVE-2021-28677	An issue was discovered in Pillow before 8.2.0. network low complexity python fedoraproject	7.5
2021-06-01	CVE-2021-3516	Use After Free vulnerability in multiple products There's a flaw in libxml2's xmllint in versions before 2.9.11. local low complexity xmlsoft debian fedoraproject redhat netapp oracle CWE-416	7.8
2021-06-01	CVE-2021-23017	A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. network high complexity f5 openresty fedoraproject netapp oracle	7.7
2021-05-28	CVE-2021-29505	XStream is software for serializing Java objects to XML and back again. network low complexity xstream-project debian fedoraproject netapp oracle	8.8