High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-08	CVE-2021-41771	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. network low complexity golang fedoraproject debian CWE-119	7.5
2021-11-08	CVE-2021-41772	Improper Input Validation vulnerability in multiple products Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field. network low complexity golang fedoraproject oracle CWE-20	7.5
2021-11-08	CVE-2021-42072	Improper Authentication vulnerability in multiple products An issue was discovered in Barrier before 2.4.0. network low complexity barrier-project fedoraproject CWE-287	8.8
2021-11-05	CVE-2021-3927	Heap-based Buffer Overflow vulnerability in multiple products vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian CWE-122	7.8
2021-11-05	CVE-2021-3928	Use of Uninitialized Variable vulnerability in multiple products vim is vulnerable to Use of Uninitialized Variable local low complexity vim fedoraproject debian CWE-457	7.8
2021-11-02	CVE-2021-37977	Use After Free vulnerability in multiple products Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8
2021-11-02	CVE-2021-37978	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-787	8.8
2021-11-02	CVE-2021-37979	Out-of-bounds Write vulnerability in multiple products heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-787	8.8
2021-11-02	CVE-2021-37980	Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. network low complexity google fedoraproject debian	7.4
2021-11-01	CVE-2021-42574	Code Injection vulnerability in multiple products An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. network high complexity unicode fedoraproject starwindsoftware CWE-94	8.3