High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-02	CVE-2021-21289	OS Command Injection vulnerability in multiple products Mechanize is an open-source ruby library that makes automated web interaction easy. network high complexity mechanize-project fedoraproject debian CWE-78	8.3
2021-01-29	CVE-2021-3347	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.11. local low complexity linux debian fedoraproject CWE-416	7.8
2021-01-26	CVE-2021-3156	Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193	7.8
2021-01-26	CVE-2021-3115	Uncontrolled Search Path Element vulnerability in multiple products Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). network high complexity golang fedoraproject netapp CWE-427	7.5
2021-01-20	CVE-2020-25682	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in dnsmasq before 2.83. network high complexity thekelleys fedoraproject debian CWE-122	8.1
2021-01-20	CVE-2020-25681	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian CWE-122	8.1
2021-01-19	CVE-2020-14409	Integer Overflow or Wraparound vulnerability in multiple products SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file. local low complexity libsdl fedoraproject debian starwindsoftware CWE-190	7.8
2021-01-18	CVE-2020-36193	Link Following vulnerability in multiple products Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. network low complexity php fedoraproject debian drupal CWE-59	7.5
2021-01-15	CVE-2020-35733	Improper Certificate Validation vulnerability in multiple products An issue was discovered in Erlang/OTP before 23.2.2. network low complexity erlang fedoraproject CWE-295	7.5
2021-01-13	CVE-2020-26262	Confused Deputy vulnerability in multiple products Coturn is free open source implementation of TURN and STUN Server. network low complexity coturn-project fedoraproject CWE-441	7.2