High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-26	CVE-2021-41617	sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. local high complexity openbsd fedoraproject netapp oracle starwindsoftware	7.0
2021-09-20	CVE-2021-32838	Resource Exhaustion vulnerability in multiple products Flask-RESTX (pypi package flask-restx) is a community driven fork of Flask-RESTPlus. network low complexity flask-restx-project fedoraproject CWE-400	7.5
2021-09-19	CVE-2021-41073	Release of Invalid Pointer or Reference vulnerability in multiple products loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. local low complexity linux debian fedoraproject netapp CWE-763	7.8
2021-09-16	CVE-2021-34798	NULL Pointer Dereference vulnerability in multiple products Malformed requests may cause the server to dereference a NULL pointer. network low complexity apache fedoraproject debian netapp tenable oracle broadcom siemens CWE-476	7.5
2021-09-16	CVE-2021-36160	Out-of-bounds Read vulnerability in multiple products A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). network low complexity apache fedoraproject debian netapp oracle broadcom CWE-125	7.5
2021-09-15	CVE-2021-3796	Use After Free vulnerability in multiple products vim is vulnerable to Use After Free local low complexity vim fedoraproject debian netapp CWE-416	7.3
2021-09-15	CVE-2021-3778	Heap-based Buffer Overflow vulnerability in multiple products vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian netapp CWE-122	7.8
2021-09-10	CVE-2021-40839	Infinite Loop vulnerability in multiple products The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory. network low complexity rencode-project fedoraproject CWE-835	7.5
2021-09-08	CVE-2021-40346	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. network low complexity haproxy debian fedoraproject CWE-190	7.5
2021-09-08	CVE-2021-21897	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. network low complexity ribbonsoft fedoraproject debian CWE-191	8.8