Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-13	CVE-2021-32921	Race Condition vulnerability in multiple products An issue was discovered in Prosody before 0.11.9. network high complexity prosody fedoraproject debian CWE-362	5.9
2021-05-13	CVE-2020-25713	Out-of-bounds Read vulnerability in multiple products A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common. network low complexity librdf fedoraproject debian CWE-125	6.5
2021-05-13	CVE-2020-27824	Out-of-bounds Read vulnerability in multiple products A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. local low complexity uclouvain redhat fedoraproject debian CWE-125	5.5
2021-05-11	CVE-2021-3504	A flaw was found in the hivex library in versions before 1.3.20. network low complexity redhat debian fedoraproject	5.4
2021-05-11	CVE-2021-29471	Insufficient Entropy vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). network low complexity matrix fedoraproject CWE-331	5.3
2021-05-10	CVE-2020-13529	Authentication Bypass by Spoofing vulnerability in multiple products An exploitable denial-of-service vulnerability exists in Systemd 245. high complexity systemd-project fedoraproject netapp CWE-290	6.1
2021-05-10	CVE-2021-32056	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall. network low complexity cyrus fedoraproject CWE-732	4.3
2021-05-07	CVE-2021-21419	Eventlet is a concurrent networking library for Python. network low complexity eventlet fedoraproject	5.3
2021-05-06	CVE-2021-31829	Incorrect Authorization vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. local low complexity linux fedoraproject debian CWE-863	5.5
2021-05-06	CVE-2021-32052	Cross-site Scripting vulnerability in multiple products In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). network low complexity djangoproject fedoraproject CWE-79	6.1