Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-22	CVE-2021-2154	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). network low complexity oracle mariadb netapp fedoraproject	4.9
2021-04-22	CVE-2021-2146	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). network low complexity oracle fedoraproject netapp	4.9
2021-04-22	CVE-2021-2144	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). network low complexity oracle netapp mariadb	6.5
2021-04-13	CVE-2021-29425	Path Traversal vulnerability in multiple products In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. network high complexity apache debian oracle netapp CWE-22	4.8
2021-04-01	CVE-2021-22876	Information Exposure vulnerability in multiple products curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. network low complexity haxx fedoraproject netapp broadcom debian siemens oracle splunk CWE-200	5.3
2021-04-01	CVE-2021-28164	In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. network low complexity eclipse netapp oracle	5.3
2021-03-30	CVE-2021-21409	HTTP Request Smuggling vulnerability in multiple products Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. network high complexity netty debian netapp oracle quarkus CWE-444	5.9
2021-03-26	CVE-2021-20289	Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. network low complexity redhat netapp quarkus oracle CWE-209	5.0
2021-03-26	CVE-2021-20284	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. local low complexity gnu netapp CWE-119	5.5
2021-03-26	CVE-2021-20197	Link Following vulnerability in multiple products There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. local high complexity gnu redhat netapp broadcom CWE-59	6.3