Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-15	CVE-2021-42376	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. local low complexity busybox fedoraproject netapp CWE-476	5.5
2021-11-10	CVE-2020-23903	Divide By Zero vulnerability in multiple products A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. local low complexity xiph fedoraproject CWE-369	5.5
2021-11-09	CVE-2021-43519	Uncontrolled Recursion vulnerability in multiple products Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file. local low complexity lua fedoraproject CWE-674	5.5
2021-11-03	CVE-2021-27836	NULL Pointer Dereference vulnerability in multiple products An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file. network low complexity libxls-project fedoraproject CWE-476	6.5
2021-11-03	CVE-2020-27820	Use After Free vulnerability in multiple products A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). local high complexity linux fedoraproject oracle CWE-416	4.7
2021-10-28	CVE-2021-43056	An issue was discovered in the Linux kernel for powerpc before 5.14.15. local low complexity linux fedoraproject	5.5
2021-10-27	CVE-2021-25219	In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. network low complexity isc debian fedoraproject netapp siemens oracle	5.3
2021-10-26	CVE-2021-41182	Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp debian drupal oracle tenable CWE-79	6.1
2021-10-26	CVE-2021-41183	Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp debian drupal oracle tenable CWE-79	6.1
2021-10-26	CVE-2021-41184	Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. network low complexity jqueryui fedoraproject netapp drupal tenable oracle CWE-79	6.1