High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-23	CVE-2021-21341	XStream is a Java library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject oracle	7.5
2021-03-19	CVE-2021-28831	Improper Handling of Exceptional Conditions vulnerability in multiple products decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. network low complexity busybox fedoraproject debian CWE-755	7.5
2021-03-19	CVE-2020-25097	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. network low complexity squid-cache debian fedoraproject netapp CWE-444	8.6
2021-03-19	CVE-2021-25290	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Pillow before 8.1.1. network low complexity python debian CWE-787	7.5
2021-03-19	CVE-2021-27928	Code Injection vulnerability in multiple products A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. network low complexity mariadb percona galeracluster debian CWE-94	7.2
2021-03-17	CVE-2021-28660	Out-of-bounds Write vulnerability in multiple products rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. low complexity linux fedoraproject debian netapp CWE-787	8.8
2021-03-17	CVE-2021-27291	In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. network low complexity pygments debian fedoraproject	7.5
2021-03-17	CVE-2020-17525	NULL Pointer Dereference vulnerability in multiple products Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. network low complexity apache debian CWE-476	7.5
2021-03-17	CVE-2017-20002	Improper Privilege Management vulnerability in Debian Linux and Shadow The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. local low complexity debian CWE-269	7.8
2021-03-16	CVE-2021-21193	Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian CWE-416	8.8