CVE-2021-26990 — CVSS 9.1 (critical): Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system…
CVE-2020-25097 — CVSS 8.6 (high): An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to…
CVE-2021-28165 — CVSS 7.5 (high): In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large…
CVE-2020-14058 — CVSS 7.5 (high): An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default…
CVE-2021-27002 — CVSS 7.5 (high): NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to…
CVE-2021-26992 — CVSS 7.5 (high): Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service…
CVE-2021-28651 — CVSS 7.5 (high): An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When…
CVE-2021-26991 — CVSS 7.5 (high): Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker…
CVE-2021-23337 — CVSS 7.2 (high): Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
CVE-2021-42550 — CVSS 6.6 (medium): In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious…
CVE-2021-31806 — CVSS 6.5 (medium): An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service…
CVE-2021-31808 — CVSS 6.5 (medium): An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service…
CVE-2021-31807 — CVSS 6.5 (medium): An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of…
CVE-2021-45105 — CVSS 5.9 (medium): Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from…
CVE-2021-28164 — CVSS 5.3 (medium): In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e…
CVE-2021-26999 — CVSS 4.3 (medium): NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is…
CVE-2021-26998 — CVSS 4.3 (medium): NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with…
CVE-2021-28163 — CVSS 2.7 (low): In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a…