| 2021-08-12 | CVE-2021-32809 | Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support. | 5.4 |
| 2021-08-01 | CVE-2021-32066 | Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. | 7.4 |
| 2021-07-30 | CVE-2021-31799 | OS Command Injection vulnerability in multiple products
In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. | 7.0 |
| 2021-07-13 | CVE-2021-31810 | An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. | 5.8 |
| 2021-03-30 | CVE-2021-21409 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 5.9 |
| 2021-03-25 | CVE-2021-3450 | Improper Certificate Validation vulnerability in multiple products
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. | 7.4 |
| 2021-03-25 | CVE-2021-3449 | NULL Pointer Dereference vulnerability in multiple products
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. | 5.9 |
| 2021-03-23 | CVE-2021-20227 | A flaw was found in SQLite's SELECT query functionality (src/select.c). | 5.5 |
| 2021-03-03 | CVE-2021-22884 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. | 7.5 |
| 2021-03-03 | CVE-2021-22883 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. | 7.5 |