Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-17 CVE-2021-26931 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen.
local
low complexity
linux fedoraproject debian CWE-770
5.5
2021-02-15 CVE-2021-23336 HTTP Request Smuggling vulnerability in multiple products
Versions of the package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, and from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking.
5.9
2021-02-11 CVE-2021-22881 Open Redirect vulnerability in multiple products
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability.
network
low complexity
rubyonrails fedoraproject CWE-601
6.1
2021-02-09 CVE-2021-21147 Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
2021-02-09 CVE-2021-26925 Cross-site Scripting vulnerability in multiple products
Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.
network
low complexity
roundcube fedoraproject CWE-79
5.4
2021-02-08 CVE-2020-36151 Out-of-bounds Write vulnerability in multiple products
Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
network
low complexity
symonics fedoraproject CWE-787
6.5
2021-02-08 CVE-2020-36150 Out-of-bounds Read vulnerability in multiple products
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
network
low complexity
symonics fedoraproject CWE-125
6.5
2021-02-08 CVE-2020-36149 NULL Pointer Dereference vulnerability in multiple products
Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g.
network
low complexity
symonics fedoraproject CWE-476
6.5
2021-02-08 CVE-2020-36148 NULL Pointer Dereference vulnerability in multiple products
Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g.
network
low complexity
symonics fedoraproject CWE-476
6.5
2021-02-06 CVE-2020-14312 Unspecified vulnerability in Fedoraproject Fedora
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions of Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet.
network
fedoraproject
4.3