High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-29	CVE-2021-25215	Reachable Assertion vulnerability in multiple products In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. network low complexity debian isc fedoraproject netapp oracle siemens CWE-617	7.5
2021-03-07	CVE-2021-27365	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.3. local low complexity linux debian oracle netapp CWE-787	7.8
2021-03-07	CVE-2021-27364	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.3. local low complexity linux debian netapp oracle canonical CWE-125	7.1
2021-01-26	CVE-2021-3156	Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193	7.8
2020-12-09	CVE-2020-29661	Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom oracle CWE-667	7.8
2020-06-05	CVE-2020-12723	Classic Buffer Overflow vulnerability in multiple products regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. network low complexity perl netapp fedoraproject opensuse oracle CWE-120	7.5
2020-06-05	CVE-2020-10878	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. network low complexity perl fedoraproject opensuse netapp oracle CWE-190	8.6
2020-06-05	CVE-2020-10543	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. network low complexity perl fedoraproject opensuse oracle CWE-190	8.2
2017-08-11	CVE-2016-6796	A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. network low complexity apache debian netapp canonical oracle redhat	7.5
2017-08-10	CVE-2016-6797	Incorrect Authorization vulnerability in multiple products The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. network low complexity apache oracle debian netapp canonical redhat CWE-863	7.5