Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-24	CVE-2021-3500	Out-of-bounds Write vulnerability in multiple products A flaw was found in djvulibre-3.5.28 and earlier. network djvulibre-project debian CWE-787	6.8
2021-06-23	CVE-2021-33624	Type Confusion vulnerability in multiple products In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. local high complexity linux debian CWE-843	4.7
2021-06-22	CVE-2021-0561	Out-of-bounds Write vulnerability in multiple products In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. local low complexity google fedoraproject debian CWE-787	5.5
2021-06-14	CVE-2021-34693	Missing Initialization of Resource vulnerability in multiple products net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. local low complexity linux debian CWE-909	5.5
2021-06-11	CVE-2021-22895	Improper Certificate Validation vulnerability in multiple products Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow. network nextcloud debian CWE-295	4.3
2021-06-10	CVE-2020-25467	NULL Pointer Dereference vulnerability in multiple products A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file. network long-range-zip-project debian CWE-476	4.3
2021-06-10	CVE-2021-27345	NULL Pointer Dereference vulnerability in multiple products A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file. network long-range-zip-project debian CWE-476	4.3
2021-06-10	CVE-2021-27347	Use After Free vulnerability in multiple products Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file. network long-range-zip-project debian CWE-416	4.3
2021-06-10	CVE-2021-30641	Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' network low complexity apache debian fedoraproject oracle	5.3
2021-06-09	CVE-2020-24489	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel debian CWE-459	4.6