High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-08	CVE-2021-38202	Out-of-bounds Read vulnerability in multiple products fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd. network low complexity linux netapp CWE-125	7.5
2021-08-07	CVE-2021-38160	Classic Buffer Overflow vulnerability in multiple products In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. local low complexity linux netapp debian redhat CWE-120	7.8
2021-08-05	CVE-2021-22926	Improper Certificate Validation vulnerability in multiple products libcurl-using applications can ask for a specific client certificate to be used in a transfer. network low complexity haxx netapp oracle siemens splunk CWE-295	7.5
2021-08-05	CVE-2021-3580	A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. network low complexity nettle-project redhat debian netapp	7.5
2021-08-02	CVE-2021-33195	Injection vulnerability in multiple products Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format. network low complexity golang netapp CWE-74	7.3
2021-07-22	CVE-2021-32785	mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. network low complexity openidc netapp debian	7.5
2021-07-22	CVE-2021-36222	NULL Pointer Dereference vulnerability in multiple products ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. network low complexity mit debian netapp oracle CWE-476	7.5
2021-07-20	CVE-2021-33909	Integer Overflow or Wraparound vulnerability in multiple products fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. local low complexity linux fedoraproject debian netapp oracle sonicwall CWE-190	7.8
2021-07-13	CVE-2021-35515	Infinite Loop vulnerability in multiple products When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. network low complexity apache netapp oracle CWE-835	7.5
2021-07-13	CVE-2021-35516	Allocation of Resources Without Limits or Throttling vulnerability in multiple products When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. network low complexity apache netapp oracle CWE-770	7.5