Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-08	CVE-2021-32029	Out-of-bounds Read vulnerability in multiple products A flaw was found in postgresql. network low complexity postgresql redhat CWE-125	6.5
2021-10-04	CVE-2021-32672	Out-of-bounds Read vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. network low complexity redis redhat debian fedoraproject netapp oracle CWE-125	4.3
2021-08-31	CVE-2021-3634	Out-of-bounds Write vulnerability in multiple products A flaw has been found in libssh in versions prior to 0.9.6. network low complexity libssh redhat debian fedoraproject oracle netapp CWE-787	6.5
2021-08-25	CVE-2021-3605	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. local low complexity openexr redhat debian CWE-119	5.5
2021-08-13	CVE-2021-3573	Race Condition vulnerability in multiple products A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). local high complexity linux redhat fedoraproject CWE-362	6.4
2021-08-13	CVE-2021-3635	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. local low complexity linux redhat fedoraproject CWE-119	4.4
2021-08-05	CVE-2021-3642	Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. network high complexity redhat quarkus CWE-203	5.3
2021-08-05	CVE-2021-3679	Infinite Loop vulnerability in multiple products A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. local low complexity linux redhat debian CWE-835	5.5
2021-07-30	CVE-2021-3636	Improper Authentication vulnerability in Redhat Openshift It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. low complexity redhat CWE-287	4.6
2021-07-09	CVE-2021-3541	XML Entity Expansion vulnerability in multiple products A flaw was found in libxml2. network low complexity xmlsoft redhat oracle netapp CWE-776	6.5