High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-20	CVE-2021-35583	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Windows). network low complexity oracle netapp	7.5
2021-09-29	CVE-2021-22946	Cleartext Transmission of Sensitive Information vulnerability in multiple products A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). network low complexity haxx debian fedoraproject netapp oracle apple siemens splunk CWE-319	7.5
2021-08-05	CVE-2021-22926	Improper Certificate Validation vulnerability in multiple products libcurl-using applications can ask for a specific client certificate to be used in a transfer. network low complexity haxx netapp oracle siemens splunk CWE-295	7.5
2021-07-22	CVE-2021-36222	NULL Pointer Dereference vulnerability in multiple products ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. network low complexity mit debian netapp oracle CWE-476	7.5
2021-06-11	CVE-2021-22901	Use After Free vulnerability in multiple products curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. network high complexity haxx oracle netapp siemens splunk CWE-416	8.1
2021-04-22	CVE-2021-2144	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). network low complexity oracle netapp mariadb	7.2
2021-04-01	CVE-2021-28165	Improper Handling of Exceptional Conditions vulnerability in multiple products In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. network low complexity eclipse oracle jenkins netapp CWE-755	7.5
2021-03-31	CVE-2021-29662	Incorrect Type Conversion or Cast vulnerability in multiple products The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses. network low complexity data netapp CWE-704	7.5
2021-03-03	CVE-2021-22884	Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. network high complexity nodejs fedoraproject netapp oracle siemens	7.5
2021-01-13	CVE-2021-21252	Resource Exhaustion vulnerability in multiple products The jQuery Validation Plugin provides drop-in validation for your existing forms. network low complexity jqueryvalidation netapp CWE-400	7.5