13.3

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-23	CVE-2023-32439	Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved checks. network low complexity apple CWE-843	8.8
2023-06-22	CVE-2023-34241	Use After Free vulnerability in multiple products OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. local low complexity openprinting fedoraproject debian apple CWE-416	7.1
2023-05-26	CVE-2023-28319	Use After Free vulnerability in multiple products A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. network low complexity haxx apple netapp CWE-416	7.5
2023-05-26	CVE-2023-28320	Resource Exhaustion vulnerability in multiple products A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. network high complexity haxx apple netapp CWE-400	5.9
2023-05-26	CVE-2023-28321	Improper Certificate Validation vulnerability in multiple products An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. network high complexity haxx debian fedoraproject netapp apple CWE-295	5.9
2023-05-26	CVE-2023-28322	An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. network high complexity haxx fedoraproject apple netapp	3.7
2023-05-19	CVE-2023-30774	Out-of-bounds Write vulnerability in multiple products A vulnerability was found in the libtiff library. local low complexity libtiff apple CWE-787	5.5
2023-01-18	CVE-2023-22809	Improper Privilege Management vulnerability in multiple products In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. local low complexity sudo-project debian fedoraproject apple CWE-269	7.8
2022-11-13	CVE-2022-3970	Numeric Errors vulnerability in multiple products A vulnerability was found in LibTIFF. network low complexity libtiff netapp debian apple CWE-189	8.8