Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-26	CVE-2021-21333	Cross-site Scripting vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). network high complexity matrix fedoraproject CWE-79	6.1
2021-03-25	CVE-2021-3467	A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. local low complexity jasper-project fedoraproject	5.5
2021-03-25	CVE-2021-3446	Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in libtpms in versions before 0.8.2. local low complexity libtpms-project redhat fedoraproject CWE-330	5.5
2021-03-25	CVE-2021-3443	A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. local low complexity jasper-project redhat fedoraproject	5.5
2021-03-25	CVE-2021-3449	NULL Pointer Dereference vulnerability in multiple products An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. network high complexity openssl debian freebsd netapp tenable fedoraproject mcafee checkpoint oracle sonicwall siemens nodejs CWE-476	5.9
2021-03-23	CVE-2021-3409	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. local low complexity qemu redhat fedoraproject debian CWE-119	5.7
2021-03-22	CVE-2021-28972	Classic Buffer Overflow vulnerability in multiple products In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. local low complexity linux fedoraproject netapp CWE-120	6.7
2021-03-22	CVE-2021-28971	Improper Handling of Exceptional Conditions vulnerability in multiple products In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. local low complexity linux fedoraproject debian netapp CWE-755	5.5
2021-03-22	CVE-2021-28964	Race Condition vulnerability in multiple products A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. local high complexity linux fedoraproject debian netapp CWE-362	4.7
2021-03-21	CVE-2021-28957	Cross-site Scripting vulnerability in multiple products An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. network low complexity lxml debian fedoraproject netapp oracle CWE-79	6.1