Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-23	CVE-2021-3672	Cross-site Scripting vulnerability in multiple products A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. network high complexity c-ares-project fedoraproject redhat siemens nodejs pgbouncer CWE-79	5.6
2021-11-04	CVE-2021-43389	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 5.14.15. local low complexity linux redhat debian oracle CWE-125	5.5
2021-10-19	CVE-2021-3746	A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. network low complexity libtpms-project fedoraproject redhat	6.5
2021-10-04	CVE-2021-32672	Out-of-bounds Read vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. network low complexity redis redhat debian fedoraproject netapp oracle CWE-125	4.3
2021-08-31	CVE-2021-3634	Out-of-bounds Write vulnerability in multiple products A flaw has been found in libssh in versions prior to 0.9.6. network low complexity libssh redhat debian fedoraproject oracle netapp CWE-787	6.5
2021-08-25	CVE-2021-3605	There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. local low complexity openexr redhat debian	5.5
2021-08-13	CVE-2021-3573	A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). local high complexity linux redhat fedoraproject	6.4
2021-08-13	CVE-2021-3635	A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. local low complexity linux redhat fedoraproject	4.4
2021-08-05	CVE-2021-3679	Infinite Loop vulnerability in multiple products A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. local low complexity linux redhat debian CWE-835	5.5
2021-07-06	CVE-2021-3598	There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. local low complexity openexr redhat debian	5.5