Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-23	CVE-2021-37750	NULL Pointer Dereference vulnerability in multiple products The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. network low complexity mit fedoraproject debian starwindsoftware oracle CWE-476	6.5
2021-08-22	CVE-2021-39365	Improper Certificate Validation vulnerability in multiple products In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. network high complexity gnome debian CWE-295	5.9
2021-08-18	CVE-2021-32728	The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. network low complexity nextcloud debian	6.5
2021-08-17	CVE-2021-39241	An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. network low complexity haproxy debian fedoraproject	5.3
2021-08-16	CVE-2021-22939	Improper Certificate Validation vulnerability in multiple products If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. network low complexity nodejs oracle netapp siemens debian CWE-295	5.3
2021-08-13	CVE-2021-37695	ckeditor is an open source WYSIWYG HTML editor with rich content support. network low complexity ckeditor debian fedoraproject oracle	5.4
2021-08-10	CVE-2020-21675	Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format. local low complexity fig2dev-project debian CWE-787	5.5
2021-08-10	CVE-2020-21676	Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. local low complexity fig2dev-project debian CWE-787	5.5
2021-08-10	CVE-2020-21697	Use After Free vulnerability in multiple products A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file. network low complexity ffmpeg debian CWE-416	6.5
2021-08-09	CVE-2021-37620	Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. local low complexity exiv2 fedoraproject debian	5.5