Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-09	CVE-2021-34334	Infinite Loop vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. local low complexity exiv2 fedoraproject debian CWE-835	5.5
2021-08-08	CVE-2021-38204	Use After Free vulnerability in multiple products drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. local low complexity linux debian CWE-416	4.6
2021-08-08	CVE-2021-36221	Race Condition vulnerability in multiple products Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. network high complexity golang fedoraproject debian oracle siemens CWE-362	5.9
2021-08-07	CVE-2021-38165	Insufficiently Protected Credentials vulnerability in multiple products Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. network high complexity lynx-project debian fedoraproject CWE-522	5.3
2021-08-05	CVE-2021-3566	Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. local low complexity ffmpeg debian	5.5
2021-08-05	CVE-2021-3679	Infinite Loop vulnerability in multiple products A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. local low complexity linux redhat debian CWE-835	5.5
2021-08-04	CVE-2021-38114	Unchecked Return Value vulnerability in multiple products libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868. local low complexity ffmpeg debian CWE-252	5.5
2021-08-02	CVE-2021-34556	Information Exposure Through Discrepancy vulnerability in multiple products In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. local low complexity linux fedoraproject debian CWE-203	5.5
2021-08-02	CVE-2021-35477	Information Exposure Through Discrepancy vulnerability in multiple products In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. local low complexity linux debian fedoraproject CWE-203	5.5
2021-07-30	CVE-2021-32558	Injection vulnerability in multiple products An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. network low complexity digium debian CWE-74	5.0