High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-08	CVE-2021-33560	Information Exposure Through Discrepancy vulnerability in multiple products Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. network low complexity gnupg debian fedoraproject oracle CWE-203	7.5
2021-06-07	CVE-2021-22222	Infinite Loop vulnerability in multiple products Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file network low complexity wireshark oracle debian CWE-835	7.5
2021-06-03	CVE-2020-28469	Resource Exhaustion vulnerability in multiple products This affects the package glob-parent before 5.1.2. network low complexity gulpjs oracle CWE-400	7.5
2021-06-01	CVE-2021-31684	Out-of-bounds Write vulnerability in multiple products A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request. network low complexity json-smart-project oracle CWE-787	7.5
2021-06-01	CVE-2021-3516	Use After Free vulnerability in multiple products There's a flaw in libxml2's xmllint in versions before 2.9.11. local low complexity xmlsoft debian fedoraproject redhat netapp oracle CWE-416	7.8
2021-06-01	CVE-2021-23017	A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. network high complexity f5 openresty fedoraproject netapp oracle	7.7
2021-05-28	CVE-2021-29505	XStream is software for serializing Java objects to XML and back again. network low complexity xstream-project debian fedoraproject netapp oracle	8.8
2021-05-27	CVE-2021-22118	Exposure of Resource to Wrong Sphere vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data. local low complexity vmware oracle netapp CWE-668	7.8
2021-05-20	CVE-2021-20718	Resource Exhaustion vulnerability in multiple products mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors. network low complexity openidc fedoraproject oracle CWE-400	7.5
2021-05-19	CVE-2021-3517	There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. network low complexity xmlsoft redhat fedoraproject debian netapp oracle	8.6