High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-02	CVE-2021-1789	Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved state handling. network low complexity apple fedoraproject webkitgtk CWE-843	8.8
2021-04-02	CVE-2021-1788	Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. network low complexity apple debian fedoraproject CWE-416	8.8
2021-04-01	CVE-2021-29421	XXE vulnerability in multiple products models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XXE when parsing XMP metadata entries. network low complexity pikepdf-project fedoraproject CWE-611	7.5
2021-03-29	CVE-2021-23358	Code Injection vulnerability in multiple products The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized. network low complexity underscorejs debian tenable fedoraproject CWE-94	7.2
2021-03-26	CVE-2021-21332	Cross-site Scripting vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). network low complexity matrix fedoraproject CWE-79	8.2
2021-03-26	CVE-2021-20271	A flaw was found in RPM's signature check functionality when reading a package file. local high complexity rpm redhat fedoraproject starwindsoftware	7.0
2021-03-25	CVE-2021-3450	Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. network high complexity openssl freebsd netapp windriver fedoraproject tenable oracle mcafee sonicwall nodejs CWE-295	7.4
2021-03-23	CVE-2021-20270	Infinite Loop vulnerability in multiple products An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. network low complexity pygments redhat fedoraproject debian CWE-835	7.5
2021-03-23	CVE-2021-21349	XStream is a Java library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject oracle	8.6
2021-03-23	CVE-2021-21348	Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject oracle CWE-400	7.5