Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-23	CVE-2021-3409	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. local low complexity qemu redhat fedoraproject debian CWE-119	5.7
2021-03-22	CVE-2021-28972	Classic Buffer Overflow vulnerability in multiple products In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. local low complexity linux fedoraproject netapp CWE-120	6.7
2021-03-22	CVE-2021-28971	Improper Handling of Exceptional Conditions vulnerability in multiple products In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. local low complexity linux fedoraproject debian netapp CWE-755	5.5
2021-03-22	CVE-2021-28964	Race Condition vulnerability in multiple products A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. local high complexity linux fedoraproject debian netapp CWE-362	4.7
2021-03-21	CVE-2021-28957	Cross-site Scripting vulnerability in multiple products An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. network low complexity lxml debian fedoraproject netapp oracle CWE-79	6.1
2021-03-20	CVE-2020-27171	Off-by-one Error vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.8. local low complexity linux fedoraproject debian canonical CWE-193	6.0
2021-03-20	CVE-2020-27170	Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.8. local high complexity linux fedoraproject canonical debian CWE-203	4.7
2021-03-20	CVE-2021-28951	Improper Locking vulnerability in multiple products An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. local low complexity linux fedoraproject netapp CWE-667	5.5
2021-03-20	CVE-2021-28950	Excessive Iteration vulnerability in multiple products An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. local low complexity linux fedoraproject debian CWE-834	5.5
2021-03-19	CVE-2021-27906	A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. local low complexity apache fedoraproject oracle	5.5