Vulnerabilities > Fedoraproject > Fedora > Medium

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendors | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2021-03-30 | CVE-2021-29648 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products | An issue was discovered in the Linux kernel before 5.11.11. | local | low complexity | linux fedoraproject | CWE-307 | 5.5 |
| 2021-03-30 | CVE-2021-29647 | Missing Initialization of Resource vulnerability in multiple products | An issue was discovered in the Linux kernel before 5.11.11. | local | low complexity | linux fedoraproject debian | CWE-909 | 5.5 |
| 2021-03-30 | CVE-2021-29646 | | An issue was discovered in the Linux kernel before 5.11.11. | local | low complexity | linux fedoraproject | | 5.5 |
| 2021-03-26 | CVE-2021-21333 | Cross-site Scripting vulnerability in multiple products | Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | network | high complexity | matrix fedoraproject | CWE-79 | 6.1 |
| 2021-03-25 | CVE-2021-3467 | NULL Pointer Dereference vulnerability in multiple products | A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. | local | low complexity | jasper-project fedoraproject | CWE-476 | 5.5 |
| 2021-03-25 | CVE-2021-3446 | Use of Insufficiently Random Values vulnerability in multiple products | A flaw was found in libtpms in versions before 0.8.2. | | | | | 5.5 |
| 2021-03-25 | CVE-2021-3443 | NULL Pointer Dereference vulnerability in multiple products | A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. | | | | | 4.3 |
| 2021-03-25 | CVE-2021-3449 | NULL Pointer Dereference vulnerability in multiple products | An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. | | | | | 5.9 |
| 2021-03-23 | CVE-2021-3409 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. | local | low complexity | qemu redhat fedoraproject debian | CWE-119 | 5.7 |
| 2021-03-23 | CVE-2021-20270 | Infinite Loop vulnerability in multiple products | An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. | network | low complexity | pygments redhat fedoraproject debian | CWE-835 | 5.0 |