Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-23	CVE-2021-3405	A flaw was found in libebml before 1.4.2. network low complexity matroska fedoraproject debian	6.5
2021-02-17	CVE-2021-26933	An issue was discovered in Xen 4.9 through 4.14.x. local low complexity xen fedoraproject debian	5.5
2021-02-17	CVE-2021-26932	An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. local low complexity linux fedoraproject debian netapp	5.5
2021-02-17	CVE-2021-26931	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. local low complexity linux fedoraproject debian CWE-770	5.5
2021-02-16	CVE-2021-23841	NULL Pointer Dereference vulnerability in multiple products The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. network high complexity openssl debian tenable apple netapp oracle siemens CWE-476	5.9
2021-02-15	CVE-2021-23336	HTTP Request Smuggling vulnerability in multiple products The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. network high complexity python fedoraproject debian netapp djangoproject oracle CWE-444	5.9
2021-02-15	CVE-2020-7071	Improper Input Validation vulnerability in multiple products In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. network low complexity php debian netapp CWE-20	5.3
2021-02-14	CVE-2021-26929	Cross-site Scripting vulnerability in multiple products An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). network low complexity horde debian CWE-79	6.1
2021-02-09	CVE-2021-26676	gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. low complexity intel debian opensuse	6.5
2021-02-08	CVE-2021-21290	Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. local low complexity netty debian quarkus oracle netapp	5.5