High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-23	CVE-2021-21348	Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject oracle CWE-400	7.5
2021-03-23	CVE-2021-21343	External Control of File Name or Path vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject oracle CWE-73	7.5
2021-03-23	CVE-2021-21341	Deserialization of Untrusted Data vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject oracle CWE-502	7.5
2021-03-15	CVE-2021-22191	Injection vulnerability in multiple products Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. network low complexity wireshark oracle debian CWE-74	8.8
2021-03-12	CVE-2021-27290	ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. network low complexity ssri-project oracle siemens	7.5
2021-03-10	CVE-2020-13936	An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. network low complexity apache debian oracle	8.8
2021-03-07	CVE-2021-27365	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.3. local low complexity linux debian oracle netapp CWE-787	7.8
2021-03-07	CVE-2021-27364	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.3. local low complexity linux debian netapp oracle canonical CWE-125	7.1
2021-03-05	CVE-2021-28041	Double Free vulnerability in multiple products ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. network high complexity openbsd fedoraproject netapp oracle CWE-415	7.1
2021-03-03	CVE-2021-22884	Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. network high complexity nodejs fedoraproject netapp oracle siemens	7.5