Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-30	CVE-2021-25145	A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. low complexity arubanetworks siemens	6.5
2021-03-29	CVE-2019-5317	Improper Authentication vulnerability in multiple products A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.15 and below; Aruba Instant 8.3.x: 8.3.0.11 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. low complexity arubanetworks siemens CWE-287	6.8
2021-03-25	CVE-2021-3449	NULL Pointer Dereference vulnerability in multiple products An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. network high complexity openssl debian freebsd netapp tenable fedoraproject mcafee checkpoint oracle sonicwall siemens nodejs CWE-476	5.9
2021-03-23	CVE-2021-23362	The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. network low complexity npmjs siemens	5.3
2021-03-15	CVE-2021-25675	Unspecified vulnerability in Siemens Simatic S7-Plcsim 5.4 A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). local low complexity siemens	5.5
2021-03-15	CVE-2021-25674	Unspecified vulnerability in Siemens Simatic S7-Plcsim 5.4 A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). local low complexity siemens	5.5
2021-03-15	CVE-2021-25673	Unspecified vulnerability in Siemens Simatic S7-Plcsim A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). local low complexity siemens	5.5
2021-03-15	CVE-2020-28387	Unspecified vulnerability in Siemens Solid Edge Se2020/Se2021 A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). local low complexity siemens	5.5
2021-02-16	CVE-2021-23841	NULL Pointer Dereference vulnerability in multiple products The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. network high complexity openssl debian tenable apple netapp oracle siemens CWE-476	5.9
2021-02-15	CVE-2020-28500	Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. network low complexity lodash oracle siemens	5.3