High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-08	CVE-2021-38202	Out-of-bounds Read vulnerability in multiple products fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd. network low complexity linux netapp CWE-125	7.5
2021-08-07	CVE-2021-38160	Classic Buffer Overflow vulnerability in multiple products In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. local low complexity linux netapp debian redhat CWE-120	7.8
2021-08-05	CVE-2021-22926	Improper Certificate Validation vulnerability in multiple products libcurl-using applications can ask for a specific client certificate to be used in a transfer. network low complexity haxx netapp oracle siemens splunk CWE-295	7.5
2021-07-20	CVE-2021-33909	Integer Overflow or Wraparound vulnerability in multiple products fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. local low complexity linux fedoraproject debian netapp oracle sonicwall CWE-190	7.8
2021-07-07	CVE-2021-22555	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. local low complexity linux brocade netapp CWE-787	7.8
2021-05-19	CVE-2021-3517	Out-of-bounds Write vulnerability in multiple products There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. network low complexity xmlsoft redhat fedoraproject debian netapp oracle CWE-787	8.6
2021-04-08	CVE-2021-29154	Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. local low complexity linux fedoraproject debian netapp CWE-77	7.8
2021-03-05	CVE-2021-28041	Double Free vulnerability in multiple products ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. network high complexity openbsd fedoraproject netapp oracle CWE-415	7.1
2021-01-26	CVE-2021-3156	Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193	7.8
2021-01-12	CVE-2021-23240	Link Following vulnerability in multiple products selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. local low complexity sudo-project netapp fedoraproject CWE-59	7.8