Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-23	CVE-2021-20229	A flaw was found in PostgreSQL in versions before 13.2. network low complexity postgresql redhat fedoraproject	4.3
2021-02-18	CVE-2020-28463	Server-Side Request Forgery (SSRF) vulnerability in multiple products All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. network low complexity reportlab fedoraproject CWE-918	6.5
2021-02-17	CVE-2021-26933	An issue was discovered in Xen 4.9 through 4.14.x. local low complexity xen fedoraproject debian	5.5
2021-02-17	CVE-2021-26932	An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. local low complexity linux fedoraproject debian netapp	5.5
2021-02-17	CVE-2021-26931	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. local low complexity linux fedoraproject debian CWE-770	5.5
2021-02-15	CVE-2021-23336	HTTP Request Smuggling vulnerability in multiple products The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. network high complexity python fedoraproject debian netapp djangoproject oracle CWE-444	5.9
2021-02-11	CVE-2021-22881	Open Redirect vulnerability in multiple products The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. network low complexity rubyonrails fedoraproject CWE-601	6.1
2021-02-09	CVE-2021-21147	Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google fedoraproject	4.3
2021-02-09	CVE-2021-26925	Cross-site Scripting vulnerability in multiple products Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering. network low complexity roundcube fedoraproject CWE-79	5.4
2021-02-08	CVE-2020-36151	Out-of-bounds Write vulnerability in multiple products Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block. network low complexity symonics fedoraproject CWE-787	6.5