High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-03	CVE-2021-30560	Use After Free vulnerability in multiple products Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google xmlsoft debian splunk CWE-416	8.8
2021-06-11	CVE-2021-22901	Use After Free vulnerability in multiple products curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. network high complexity haxx oracle netapp siemens splunk CWE-416	8.1
2020-12-14	CVE-2020-8286	Improper Certificate Validation vulnerability in multiple products curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. network low complexity haxx fedoraproject debian netapp apple siemens oracle splunk CWE-295	7.5
2020-12-14	CVE-2020-8285	Uncontrolled Recursion vulnerability in multiple products curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. network low complexity haxx debian fedoraproject netapp apple oracle fujitsu siemens splunk CWE-674	7.5
2020-12-14	CVE-2020-8231	Use After Free vulnerability in multiple products Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. network low complexity haxx siemens debian oracle splunk CWE-416	7.5
2020-12-14	CVE-2020-8177	Injection vulnerability in multiple products curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. local low complexity haxx debian fujitsu siemens splunk CWE-74	7.8
2020-12-14	CVE-2020-8169	Information Exposure vulnerability in multiple products curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s). network low complexity haxx siemens debian splunk CWE-200	7.5
2020-06-15	CVE-2019-20838	Out-of-bounds Read vulnerability in multiple products libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454. network low complexity pcre apple splunk CWE-125	7.5
2020-02-14	CVE-2019-20454	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. network low complexity pcre fedoraproject splunk CWE-125	7.5
2020-01-23	CVE-2013-6773	Improper Privilege Management vulnerability in Splunk Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges local low complexity splunk CWE-269	7.8