High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-04	CVE-2021-23383	The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. network low complexity handlebarsjs netapp	7.5
2021-04-29	CVE-2021-25215	Reachable Assertion vulnerability in multiple products In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. network low complexity debian isc fedoraproject netapp oracle siemens CWE-617	7.5
2021-04-22	CVE-2021-23133	Race Condition vulnerability in multiple products A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. local high complexity linux fedoraproject debian netapp broadcom CWE-362	7.0
2021-04-19	CVE-2021-3506	Out-of-bounds Read vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. local low complexity linux debian netapp CWE-125	7.1
2021-04-08	CVE-2021-29154	Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. local low complexity linux fedoraproject debian netapp CWE-77	7.8
2021-04-05	CVE-2021-20305	Out-of-bounds Write vulnerability in multiple products A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. network high complexity nettle-project redhat fedoraproject netapp debian CWE-787	8.1
2021-04-01	CVE-2021-28165	Improper Handling of Exceptional Conditions vulnerability in multiple products In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. network low complexity eclipse oracle jenkins netapp CWE-755	7.5
2021-03-31	CVE-2021-29662	Incorrect Type Conversion or Cast vulnerability in multiple products The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses. network low complexity data netapp CWE-704	7.5
2021-03-25	CVE-2021-3450	Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. network high complexity openssl freebsd netapp windriver fedoraproject tenable oracle mcafee sonicwall nodejs CWE-295	7.4
2021-03-20	CVE-2021-28952	Classic Buffer Overflow vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.8. local low complexity linux fedoraproject netapp CWE-120	7.8