Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-16	CVE-2021-40438	Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. network high complexity apache fedoraproject debian netapp broadcom f5 oracle siemens tenable CWE-918 critical	9.0
2021-07-21	CVE-2021-2447	Unspecified vulnerability in Oracle Secure Global Desktop 5.6 Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). network low complexity oracle critical	9.9
2021-07-21	CVE-2021-2446	Unspecified vulnerability in Oracle Secure Global Desktop 5.6 Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). network low complexity oracle critical	9.6
2021-04-22	CVE-2021-2177	Unspecified vulnerability in Oracle Secure Global Desktop 5.6 Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Gateway). network low complexity oracle critical	10.0
2021-04-22	CVE-2021-2221	Unspecified vulnerability in Oracle Secure Global Desktop 5.6 Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). network low complexity oracle critical	9.6
2021-04-22	CVE-2021-2248	Unspecified vulnerability in Oracle Secure Global Desktop 5.6 Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). network low complexity oracle critical	10.0
2019-02-06	CVE-2019-3822	Out-of-bounds Write vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. network low complexity haxx canonical debian netapp siemens oracle redhat CWE-787 critical	9.8
2017-07-13	CVE-2017-9788	Improper Input Validation vulnerability in multiple products In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. network low complexity apache debian apple netapp redhat oracle CWE-20 critical	9.1
2017-06-20	CVE-2017-3167	Improper Authentication vulnerability in multiple products In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. network low complexity apache netapp redhat apple debian oracle CWE-287 critical	9.8
2016-10-25	CVE-2016-5580	Improper Access Control vulnerability in Oracle Secure Global Desktop 4.7/5.2 Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.7 and 5.2 allows remote authenticated users to affect confidentiality and availability via vectors through Web Services. network low complexity oracle CWE-284 critical	9.6