Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-31	CVE-2021-3634	Out-of-bounds Write vulnerability in multiple products A flaw has been found in libssh in versions prior to 0.9.6. network low complexity libssh redhat debian fedoraproject oracle netapp CWE-787	6.5
2021-08-05	CVE-2021-22922	Improper Handling of Exceptional Conditions vulnerability in multiple products When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. network low complexity haxx fedoraproject netapp oracle siemens splunk CWE-755	6.5
2021-08-05	CVE-2021-22923	Insufficiently Protected Credentials vulnerability in multiple products When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. network high complexity haxx fedoraproject netapp oracle siemens splunk CWE-522	5.3
2021-08-05	CVE-2021-22925	Use of Uninitialized Resource vulnerability in multiple products curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. network low complexity haxx fedoraproject netapp apple oracle siemens splunk CWE-908	5.3
2021-07-09	CVE-2021-3541	XML Entity Expansion vulnerability in multiple products A flaw was found in libxml2. network low complexity xmlsoft redhat oracle netapp CWE-776	6.5
2021-06-24	CVE-2020-28097	Out-of-bounds Read vulnerability in multiple products The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. low complexity linux netapp CWE-125	5.9
2021-06-11	CVE-2021-22897	Exposure of Resource to Wrong Sphere vulnerability in multiple products curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. network low complexity haxx oracle netapp siemens splunk CWE-668	5.3
2021-06-10	CVE-2020-13938	Missing Authorization vulnerability in multiple products Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows local low complexity apache mcafee netapp CWE-862	5.5
2021-06-09	CVE-2020-12357	Improper Initialization vulnerability in multiple products Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. local low complexity intel netapp siemens CWE-665	6.7
2021-06-09	CVE-2020-12358	Out-of-bounds Write vulnerability in multiple products Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. local low complexity intel siemens netapp CWE-787	4.4