High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-10	CVE-2020-13574	NULL Pointer Dereference vulnerability in multiple products A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. network low complexity genivia fedoraproject CWE-476	7.5
2021-02-10	CVE-2021-0326	Out-of-bounds Write vulnerability in multiple products In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. high complexity google fedoraproject debian CWE-787	7.5
2021-02-09	CVE-2021-21148	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-787	8.8
2021-02-09	CVE-2021-21145	Use After Free vulnerability in multiple products Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2021-02-09	CVE-2021-21144	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. network low complexity google fedoraproject CWE-787	8.8
2021-02-09	CVE-2021-21143	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. network low complexity google fedoraproject CWE-787	8.8
2021-02-08	CVE-2020-36152	Classic Buffer Overflow vulnerability in multiple products Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA. network low complexity symonics fedoraproject CWE-120	8.8
2021-02-02	CVE-2021-21289	OS Command Injection vulnerability in multiple products Mechanize is an open-source ruby library that makes automated web interaction easy. network high complexity mechanize-project fedoraproject debian CWE-78	8.3
2021-01-29	CVE-2021-3347	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.11. local low complexity linux debian fedoraproject CWE-416	7.8
2021-01-26	CVE-2021-3156	Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193	7.8