High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-19	CVE-2021-41073	Release of Invalid Pointer or Reference vulnerability in multiple products loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. local low complexity linux debian fedoraproject netapp CWE-763	7.8
2021-09-16	CVE-2021-34798	NULL Pointer Dereference vulnerability in multiple products Malformed requests may cause the server to dereference a NULL pointer. network low complexity apache fedoraproject debian netapp tenable oracle broadcom siemens CWE-476	7.5
2021-09-16	CVE-2021-36160	Out-of-bounds Read vulnerability in multiple products A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). network low complexity apache fedoraproject debian netapp oracle broadcom CWE-125	7.5
2021-09-15	CVE-2021-3796	vim is vulnerable to Use After Free local low complexity vim fedoraproject debian netapp	7.3
2021-09-15	CVE-2021-3778	vim is vulnerable to Heap-based Buffer Overflow local low complexity vim fedoraproject debian netapp	7.8
2021-09-10	CVE-2021-40839	Infinite Loop vulnerability in multiple products The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory. network low complexity rencode-project fedoraproject CWE-835	7.5
2021-09-08	CVE-2021-40346	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. network low complexity haproxy debian fedoraproject CWE-190	7.5
2021-09-08	CVE-2021-21897	A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. network low complexity ribbonsoft fedoraproject debian	8.8
2021-09-08	CVE-2021-21996	An issue was discovered in SaltStack Salt before 3003.3. network high complexity saltstack fedoraproject debian	7.5
2021-09-08	CVE-2021-28701	Race Condition vulnerability in multiple products Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. local high complexity xen debian fedoraproject CWE-362	7.8