High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-19	CVE-2020-25097	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. network low complexity squid-cache debian fedoraproject netapp CWE-444	8.6
2021-03-17	CVE-2021-28660	Out-of-bounds Write vulnerability in multiple products rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. low complexity linux fedoraproject debian netapp CWE-787	8.8
2021-03-15	CVE-2021-26987	Element Plug-in for vCenter Server incorporates SpringBoot Framework. network low complexity vmware netapp	7.5
2021-03-15	CVE-2021-28375	Missing Authorization vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.6. local low complexity linux fedoraproject netapp CWE-862	7.8
2021-03-11	CVE-2020-5025	Classic Buffer Overflow vulnerability in multiple products IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. local low complexity ibm netapp CWE-120	7.2
2021-03-09	CVE-2020-35524	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. local low complexity libtiff debian fedoraproject netapp redhat CWE-787	7.8
2021-03-09	CVE-2020-35523	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. local low complexity libtiff debian netapp redhat CWE-190	7.8
2021-03-05	CVE-2021-28041	Double Free vulnerability in multiple products ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. network high complexity openbsd fedoraproject netapp oracle CWE-415	7.1
2021-03-03	CVE-2021-22884	Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. network high complexity nodejs fedoraproject netapp oracle siemens	7.5
2021-03-03	CVE-2021-22883	Missing Release of Resource after Effective Lifetime vulnerability in multiple products Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. network low complexity nodejs fedoraproject netapp oracle siemens CWE-772	7.5