Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-08	CVE-2021-30630	Origin Validation Error vulnerability in multiple products Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. network low complexity google fedoraproject CWE-346	4.3
2021-10-04	CVE-2021-41089	Moby is an open-source project created by Docker to enable software containerization. local low complexity mobyproject fedoraproject	6.3
2021-10-04	CVE-2021-41091	Moby is an open-source project created by Docker to enable software containerization. local low complexity mobyproject fedoraproject	6.3
2021-10-04	CVE-2021-32672	Out-of-bounds Read vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. network low complexity redis redhat debian fedoraproject netapp oracle CWE-125	4.3
2021-09-29	CVE-2021-22947	Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. network high complexity haxx fedoraproject debian netapp oracle siemens apple splunk CWE-345	5.9
2021-09-17	CVE-2021-39218	Wasmtime is an open source runtime for WebAssembly & WASI. local high complexity bytecodealliance fedoraproject	6.3
2021-09-17	CVE-2021-39219	Wasmtime is an open source runtime for WebAssembly & WASI. local high complexity bytecodealliance fedoraproject	6.3
2021-09-08	CVE-2021-22004	Race Condition vulnerability in multiple products An issue was discovered in SaltStack Salt before 3003.3. local high complexity saltstack fedoraproject CWE-362	6.4
2021-09-06	CVE-2021-40529	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. network high complexity botan-project fedoraproject mozilla CWE-327	5.9
2021-09-06	CVE-2021-40530	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. network high complexity cryptopp fedoraproject CWE-327	5.9