High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2021-03-03	CVE-2021-20233	Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. local low complexity gnu redhat fedoraproject netapp CWE-787	8.2
2021-03-03	CVE-2020-27779	A flaw was found in grub2 in versions prior to 2.06. local high complexity gnu redhat fedoraproject netapp	7.5
2021-03-03	CVE-2020-25647	Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. low complexity gnu redhat fedoraproject netapp CWE-787	7.6
2021-03-03	CVE-2020-25632	Use After Free vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. local low complexity gnu redhat fedoraproject netapp CWE-416	8.2
2021-03-03	CVE-2020-14372	Incomplete Blacklist vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. local high complexity gnu redhat fedoraproject netapp CWE-184	7.5
2020-02-08	CVE-2012-4512	Type Confusion vulnerability in multiple products The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion." network low complexity kde redhat CWE-843	8.8
2020-01-31	CVE-2014-8141	Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. local low complexity unzip-project redhat CWE-787	7.8
2020-01-31	CVE-2014-8140	Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. local low complexity unzip-project redhat CWE-787	7.8
2020-01-31	CVE-2014-8139	Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. local low complexity unzip-project redhat CWE-787	7.8