12.4.0.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-10	CVE-2020-13950	NULL Pointer Dereference vulnerability in multiple products Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service network low complexity apache debian fedoraproject oracle CWE-476	7.5
2021-06-10	CVE-2020-35452	Out-of-bounds Write vulnerability in multiple products Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. network low complexity apache debian fedoraproject oracle CWE-787	7.3
2021-06-10	CVE-2021-26690	NULL Pointer Dereference vulnerability in multiple products Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service network low complexity apache debian fedoraproject oracle CWE-476	7.5
2021-06-10	CVE-2021-26691	Out-of-bounds Write vulnerability in multiple products In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow network low complexity apache debian fedoraproject oracle netapp CWE-787 critical	9.8
2021-06-10	CVE-2021-30641	Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' network low complexity apache debian fedoraproject oracle	5.3
2021-06-07	CVE-2021-22222	Infinite Loop vulnerability in multiple products Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file network low complexity wireshark oracle debian CWE-835	5.0
2021-05-28	CVE-2021-29505	Deserialization of Untrusted Data vulnerability in multiple products XStream is software for serializing Java objects to XML and back again. network low complexity xstream-project debian fedoraproject netapp oracle CWE-502	8.8
2021-05-18	CVE-2021-3518	Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. network low complexity xmlsoft debian redhat fedoraproject netapp oracle CWE-416	8.8
2021-05-14	CVE-2021-3537	NULL Pointer Dereference vulnerability in multiple products A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. network high complexity xmlsoft redhat debian fedoraproject netapp oracle CWE-476	5.9
2021-02-16	CVE-2021-23841	NULL Pointer Dereference vulnerability in multiple products The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. network high complexity openssl debian tenable apple netapp oracle siemens CWE-476	5.9