Vulnerabilities > Oracle > Http Server > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | TAGS | RISK |
|---|---|---|---|---|---|---|---|
| 2022-02-18 | CVE-2022-25313 | Uncontrolled Recursion vulnerability in multiple products | In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. | | | | 6.5 |
| 2022-01-19 | CVE-2022-21271 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). | | network | low complexity | oracle netapp | 5.3 |
| 2022-01-19 | CVE-2022-21375 | Unspecified vulnerability in Oracle Http Server, Solaris and ZFS Storage Appliance KIT | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). | local | low complexity | oracle | 5.5 |
| 2021-12-30 | CVE-2021-4183 | Out-of-bounds Read vulnerability in multiple products | Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file | local | low complexity | wireshark fedoraproject oracle CWE-125 | 5.5 |
| 2021-10-27 | CVE-2021-25219 | In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. | | network | low complexity | isc debian fedoraproject netapp siemens oracle | 5.3 |
| 2021-10-20 | CVE-2021-35666 | Unspecified vulnerability in Oracle Http Server 11.1.1.9.0 | Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OSSL Module). | network | high complexity | oracle | 5.9 |
| 2021-04-22 | CVE-2021-2315 | Unspecified vulnerability in Oracle Http Server 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 | Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). | network | low complexity | oracle | 5.4 |
| 2020-12-08 | CVE-2020-1971 | NULL Pointer Dereference vulnerability in multiple products | The X.509 GeneralName type is a generic type for representing different types of names. | | | | 5.9 |
| 2020-09-04 | CVE-2020-24977 | Out-of-bounds Read vulnerability in multiple products | GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. | | | | 6.5 |
| 2020-04-15 | CVE-2020-2952 | Unspecified vulnerability in Oracle Http Server 11.1.1.9.0 | Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). | network | low complexity | oracle | 6.5 |