High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-03	CVE-2020-25632	Use After Free vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. local low complexity gnu redhat fedoraproject netapp CWE-416	8.2
2021-03-03	CVE-2020-14372	Incomplete Blacklist vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. local high complexity gnu redhat fedoraproject netapp CWE-184	7.5
2021-02-23	CVE-2021-20226	Use After Free vulnerability in multiple products A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. local low complexity linux netapp CWE-416	7.8
2021-02-19	CVE-2021-26296	Cross-Site Request Forgery (CSRF) vulnerability in multiple products In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site request forgery (CSRF) tokens. network high complexity apache netapp CWE-352	7.5
2021-02-17	CVE-2020-8625	Classic Buffer Overflow vulnerability in multiple products BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. network high complexity isc debian fedoraproject siemens netapp CWE-120	8.1
2021-02-15	CVE-2021-27219	Incorrect Conversion between Numeric Types vulnerability in multiple products An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. network low complexity gnome fedoraproject debian netapp broadcom CWE-681	7.5
2021-02-15	CVE-2021-27218	Incorrect Conversion between Numeric Types vulnerability in multiple products An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. network low complexity gnome fedoraproject debian netapp broadcom CWE-681	7.5
2021-02-15	CVE-2021-23337	Code Injection vulnerability in multiple products Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. network low complexity lodash oracle netapp siemens CWE-94	7.2
2021-02-15	CVE-2021-21702	NULL Pointer Dereference vulnerability in multiple products In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash. network low complexity php debian netapp oracle CWE-476	7.5
2021-02-05	CVE-2021-26708	Improper Locking vulnerability in multiple products A local privilege escalation was discovered in the Linux kernel before 5.10.13. local high complexity linux netapp CWE-667	7.0