High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-03	CVE-2021-22884	Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. network high complexity nodejs fedoraproject netapp oracle siemens	7.5
2021-03-03	CVE-2021-22883	Missing Release of Resource after Effective Lifetime vulnerability in multiple products Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. network low complexity nodejs fedoraproject netapp oracle siemens CWE-772	7.5
2021-03-03	CVE-2021-20233	Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. local low complexity gnu redhat fedoraproject netapp CWE-787	8.2
2021-03-03	CVE-2020-27779	A flaw was found in grub2 in versions prior to 2.06. local high complexity gnu redhat fedoraproject netapp	7.5
2021-03-03	CVE-2020-25647	Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. low complexity gnu redhat fedoraproject netapp CWE-787	7.6
2021-03-03	CVE-2020-25632	Use After Free vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. local low complexity gnu redhat fedoraproject netapp CWE-416	8.2
2021-03-03	CVE-2020-14372	A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. local high complexity gnu redhat fedoraproject netapp	7.5
2021-03-03	CVE-2021-26813	markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. network low complexity markdown2-project fedoraproject	7.5
2021-03-03	CVE-2021-27923	Improper Input Validation vulnerability in multiple products Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large. network low complexity python fedoraproject CWE-20	7.5
2021-03-03	CVE-2021-27922	Improper Input Validation vulnerability in multiple products Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large. network low complexity python fedoraproject CWE-20	7.5