High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-16	CVE-2021-34798	NULL Pointer Dereference vulnerability in multiple products Malformed requests may cause the server to dereference a NULL pointer. network low complexity apache fedoraproject debian netapp tenable oracle broadcom siemens CWE-476	7.5
2021-09-16	CVE-2021-36160	Out-of-bounds Read vulnerability in multiple products A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). network low complexity apache fedoraproject debian netapp oracle broadcom CWE-125	7.5
2021-09-16	CVE-2021-41079	Infinite Loop vulnerability in multiple products Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. network low complexity apache debian netapp CWE-835	7.5
2021-09-15	CVE-2021-3796	vim is vulnerable to Use After Free local low complexity vim fedoraproject debian netapp	7.3
2021-09-15	CVE-2021-3778	vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian netapp	7.8
2021-09-14	CVE-2021-41072	Link Following vulnerability in multiple products squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. network low complexity squashfs-tools-project debian CWE-59	8.1
2021-09-13	CVE-2021-41054	Classic Buffer Overflow vulnerability in multiple products tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options. network low complexity atftp-project debian CWE-120	7.5
2021-09-09	CVE-2021-3761	Out-of-bounds Write vulnerability in multiple products Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. network low complexity cloudflare debian CWE-787	7.5
2021-09-08	CVE-2021-40346	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. network low complexity haproxy debian fedoraproject CWE-190	7.5
2021-09-08	CVE-2021-21897	A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. network low complexity ribbonsoft fedoraproject debian	8.8