Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-23	CVE-2021-27568	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. network high complexity json-smart-project oracle CWE-754	5.9
2021-02-16	CVE-2021-23841	NULL Pointer Dereference vulnerability in multiple products The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. network high complexity openssl debian tenable apple netapp oracle siemens CWE-476	5.9
2021-02-15	CVE-2020-28500	Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. network low complexity lodash oracle siemens	5.3
2021-02-03	CVE-2020-29582	Incorrect Default Permissions vulnerability in multiple products In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. network low complexity jetbrains oracle CWE-276	5.3
2021-01-21	CVE-2020-8554	Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. network high complexity kubernetes oracle	5.0
2020-11-20	CVE-2020-4788	IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. local high complexity ibm fedoraproject oracle	4.7
2020-10-12	CVE-2020-15250	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. local low complexity junit debian apache oracle CWE-732	5.5
2020-09-17	CVE-2020-0404	Improper Privilege Management vulnerability in multiple products In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. local low complexity google oracle CWE-269	5.5
2020-09-02	CVE-2020-24553	Cross-site Scripting vulnerability in multiple products Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header. network low complexity golang fedoraproject opensuse oracle CWE-79	6.1
2020-07-29	CVE-2020-16135	NULL Pointer Dereference vulnerability in multiple products libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. network high complexity libssh debian fedoraproject canonical oracle CWE-476	5.9