Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-13 CVE-2021-43818 Injection vulnerability in multiple products
lxml is a library for processing XML and HTML in the Python language.
network
low complexity
lxml fedoraproject debian netapp oracle CWE-74
7.1
2021-12-13 CVE-2020-16154 Improper Verification of Cryptographic Signature vulnerability in multiple products
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.
local
low complexity
app fedoraproject CWE-347
7.8
2021-12-08 CVE-2021-44420
In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
7.3
2021-12-07 CVE-2021-44686 Resource Exhaustion vulnerability in multiple products
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.
network
low complexity
calibre-ebook fedoraproject CWE-400
7.5
2021-12-06 CVE-2021-4069 Use After Free vulnerability in multiple products
vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject debian CWE-416
7.8
2021-12-01 CVE-2021-3984 Heap-based Buffer Overflow vulnerability in multiple products
vim is vulnerable to Heap-based Buffer Overflow
local
low complexity
vim fedoraproject debian CWE-122
7.8
2021-12-01 CVE-2021-4019 Heap-based Buffer Overflow vulnerability in multiple products
vim is vulnerable to Heap-based Buffer Overflow
local
low complexity
vim fedoraproject debian CWE-122
7.8
2021-11-24 CVE-2021-28705 Improper Handling of Exceptional Conditions vulnerability in multiple products
issues with partially successful P2M updates on x86 [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned.
local
low complexity
xen fedoraproject debian CWE-755
7.8
2021-11-24 CVE-2021-28709 Improper Handling of Exceptional Conditions vulnerability in multiple products
issues with partially successful P2M updates on x86 [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned.
local
low complexity
xen fedoraproject debian CWE-755
7.8
2021-11-24 CVE-2021-28704
PoD operations on misaligned GFNs [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned.
local
low complexity
xen fedoraproject debian
8.8