12.3.2.1.1

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-01	CVE-2021-23017	A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. network high complexity f5 openresty fedoraproject netapp oracle	7.7
2020-07-15	CVE-2020-14705	Unspecified vulnerability in Oracle Goldengate Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). low complexity oracle critical	9.6
2019-12-18	CVE-2018-1311	Use After Free vulnerability in multiple products The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. network high complexity apache redhat debian oracle fedoraproject CWE-416	8.1
2019-09-18	CVE-2019-3740	Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. network low complexity dell oracle CWE-203	6.5
2019-09-18	CVE-2019-3739	RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. network low complexity dell oracle	6.5
2019-09-18	CVE-2019-3738	RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. network low complexity dell mcafee oracle	6.5
2017-04-17	CVE-2017-5645	Deserialization of Untrusted Data vulnerability in multiple products In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. network low complexity apache netapp redhat oracle CWE-502 critical	9.8