High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-26	CVE-2021-22543	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Linux: KVM through Improper handling of VM_IO\|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. local low complexity linux fedoraproject debian netapp CWE-119	7.8
2021-05-25	CVE-2020-25672	A memory leak vulnerability was found in Linux kernel in llcp_sock_connect network low complexity linux fedoraproject debian netapp	7.5
2021-05-20	CVE-2021-33477	Improper Handling of Exceptional Conditions vulnerability in multiple products rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). network low complexity eterm-project mrxvt-project rxvt-project rxvt-unicode-project fedoraproject debian CWE-755	8.8
2021-05-20	CVE-2021-3480	A flaw was found in slapi-nis in versions before 0.56.7. network low complexity slapi-nis-project fedoraproject	7.5
2021-05-20	CVE-2021-20718	Resource Exhaustion vulnerability in multiple products mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors. network low complexity openidc fedoraproject oracle CWE-400	7.5
2021-05-19	CVE-2021-3445	A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. network high complexity rpm fedoraproject redhat	7.5
2021-05-19	CVE-2021-3517	There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. network low complexity xmlsoft redhat fedoraproject debian netapp oracle	8.6
2021-05-18	CVE-2021-3518	Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. network low complexity xmlsoft debian redhat fedoraproject netapp oracle CWE-416	8.8
2021-05-14	CVE-2021-33034	Use After Free vulnerability in multiple products In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. local low complexity linux fedoraproject debian CWE-416	7.8
2021-05-14	CVE-2020-24119	Out-of-bounds Read vulnerability in multiple products A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect. local low complexity upx-project fedoraproject CWE-125	7.1