Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-30	CVE-2021-3630	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. local low complexity djvulibre-project debian fedoraproject CWE-787	5.5
2021-06-28	CVE-2020-28200	Allocation of Resources Without Limits or Throttling vulnerability in multiple products The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as demonstrated by a situation with a complex regular expression for the regex extension. network low complexity dovecot fedoraproject CWE-770	4.3
2021-06-28	CVE-2021-33515	Command Injection vulnerability in multiple products The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. network high complexity dovecot fedoraproject debian CWE-77	4.8
2021-06-28	CVE-2021-29157	Path Traversal vulnerability in multiple products Dovecot before 2.3.15 allows ../ Path Traversal. local low complexity dovecot fedoraproject CWE-22	5.5
2021-06-22	CVE-2021-0561	Out-of-bounds Write vulnerability in multiple products In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. local low complexity google fedoraproject debian CWE-787	5.5
2021-06-12	CVE-2021-31811	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. local low complexity apache fedoraproject oracle CWE-770	5.5
2021-06-12	CVE-2021-31812	Infinite Loop vulnerability in multiple products In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. local low complexity apache fedoraproject oracle CWE-835	5.5
2021-06-10	CVE-2021-34557	Classic Buffer Overflow vulnerability in multiple products XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. low complexity xscreensaver-project fedoraproject CWE-120	4.6
2021-06-10	CVE-2019-17567	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured. network low complexity apache fedoraproject oracle CWE-444	5.3
2021-06-10	CVE-2021-30641	Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' network low complexity apache debian fedoraproject oracle	5.3