High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-07	CVE-2021-38166	Integer Overflow or Wraparound vulnerability in multiple products In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. local low complexity linux fedoraproject debian CWE-190	7.8
2021-08-07	CVE-2021-38160	Classic Buffer Overflow vulnerability in multiple products In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. local low complexity linux netapp debian redhat CWE-120	7.8
2021-08-05	CVE-2021-3580	Improper Input Validation vulnerability in multiple products A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. network low complexity nettle-project redhat debian netapp CWE-20	7.5
2021-08-05	CVE-2021-3682	Release of Invalid Pointer or Reference vulnerability in multiple products A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. network high complexity qemu redhat debian CWE-763	8.5
2021-08-03	CVE-2021-30560	Use After Free vulnerability in multiple products Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google xmlsoft debian splunk CWE-416	8.8
2021-08-02	CVE-2021-33196	Improper Input Validation vulnerability in multiple products In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic. network low complexity golang debian CWE-20	7.5
2021-07-30	CVE-2021-31799	OS Command Injection vulnerability in multiple products In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via \| and tags in a filename. local high complexity debian ruby-lang oracle CWE-78	7.0
2021-07-30	CVE-2021-32610	Link Following vulnerability in multiple products In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193. local low complexity php debian fedoraproject CWE-59	7.1
2021-07-26	CVE-2021-31292	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata. network low complexity exiv2 debian fedoraproject CWE-190	7.5
2021-07-22	CVE-2021-32785	Use of Externally-Controlled Format String vulnerability in multiple products mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. network low complexity openidc netapp debian CWE-134	7.5