Vulnerabilities > Oracle > Enterprise Communications Broker > 3.2.0

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2021-08-24 | CVE-2021-3711 | Classic Buffer Overflow vulnerability in multiple products | In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). | network | low | openssl, debian, netapp, oracle, tenable | CWE-120 | critical 9.8 |
| 2021-08-24 | CVE-2021-3712 | Out-of-bounds Read vulnerability in multiple products | ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. | | | | | 7.4 |
| 2021-02-15 | CVE-2021-23337 | Code Injection vulnerability in multiple products | Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. | network | low | lodash, oracle, netapp, siemens | CWE-94 | 6.5 |
| 2021-02-15 | CVE-2020-28500 | Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. | | network | low | lodash, oracle, siemens | | 5.0 |
| 2020-07-15 | CVE-2020-14722 | Unspecified vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0 | Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). | network | high | oracle | | 5.1 |
| 2020-07-15 | CVE-2020-14721 | Unspecified vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0 | Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). | network | low | oracle | | 6.5 |
| 2020-07-15 | CVE-2020-14563 | Cross-site Scripting vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0 | Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). | network | | oracle | CWE-79 | 4.3 |
| 2020-07-15 | CVE-2020-8203 | Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. | | network | high | lodash, oracle | | 7.4 |
| 2020-06-03 | CVE-2020-11080 | Improper Enforcement of Message or Data Structure vulnerability in multiple products | In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. | | | | | 7.5 |
| 2020-05-20 | CVE-2020-10726 | Integer Overflow or Wraparound vulnerability in multiple products | A vulnerability was found in DPDK versions 19.11 and above. | local | low | dpdk, fedoraproject, opensuse, oracle | CWE-190 | 4.4 |