Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-26	CVE-2021-30596	Origin Validation Error vulnerability in multiple products Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google fedoraproject CWE-346	4.3
2021-08-26	CVE-2021-30597	Use After Free vulnerability in multiple products Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. low complexity google fedoraproject CWE-416	6.8
2021-08-24	CVE-2021-30887	A logic issue was addressed with improved restrictions. network low complexity apple fedoraproject debian	6.5
2021-08-24	CVE-2021-30890	Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. network low complexity apple fedoraproject debian CWE-79	6.1
2021-08-23	CVE-2021-39140	XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject netapp oracle	6.3
2021-08-23	CVE-2021-37750	NULL Pointer Dereference vulnerability in multiple products The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. network low complexity mit fedoraproject debian starwindsoftware oracle CWE-476	6.5
2021-08-22	CVE-2021-39358	Improper Certificate Validation vulnerability in multiple products In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. network high complexity gnome fedoraproject CWE-295	5.9
2021-08-22	CVE-2021-39359	Improper Certificate Validation vulnerability in multiple products In GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. network high complexity gnome fedoraproject CWE-295	5.9
2021-08-22	CVE-2021-39360	Improper Certificate Validation vulnerability in multiple products In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. network high complexity gnome fedoraproject CWE-295	5.9
2021-08-17	CVE-2021-39241	An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. network low complexity haproxy debian fedoraproject	5.3