High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-16	CVE-2021-41079	Infinite Loop vulnerability in multiple products Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. network low complexity apache debian netapp CWE-835	7.5
2021-09-15	CVE-2021-3796	Use After Free vulnerability in multiple products vim is vulnerable to Use After Free local low complexity vim fedoraproject debian netapp CWE-416	7.3
2021-09-15	CVE-2021-3778	Heap-based Buffer Overflow vulnerability in multiple products vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian netapp CWE-122	7.8
2021-09-14	CVE-2021-41072	Link Following vulnerability in multiple products squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. network low complexity squashfs-tools-project debian CWE-59	8.1
2021-09-08	CVE-2021-40346	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. network low complexity haproxy debian fedoraproject CWE-190	7.5
2021-09-08	CVE-2021-21897	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. network low complexity ribbonsoft fedoraproject debian CWE-191	8.8
2021-09-08	CVE-2021-21996	An issue was discovered in SaltStack Salt before 3003.3. network high complexity saltstack fedoraproject debian	7.5
2021-09-08	CVE-2021-28701	Race Condition vulnerability in multiple products Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. local high complexity xen debian fedoraproject CWE-362	7.8
2021-09-07	CVE-2021-33286	Out-of-bounds Write vulnerability in multiple products In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. local low complexity tuxera debian CWE-787	7.8
2021-09-07	CVE-2021-33287	Out-of-bounds Write vulnerability in multiple products In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. local low complexity tuxera debian fedoraproject CWE-787	7.8