12.4

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-18	CVE-2022-22604	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2022-03-18	CVE-2022-22605	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2022-03-18	CVE-2022-22606	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2022-03-18	CVE-2022-22607	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2022-03-18	CVE-2022-22608	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2021-12-10	CVE-2021-44228	Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity siemens apache intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical	10.0
2021-03-09	CVE-2021-21300	Git is an open-source distributed revision control system. network high complexity git-scm fedoraproject apple debian	7.5
2020-01-09	CVE-2019-20372	HTTP Request Smuggling vulnerability in multiple products NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. network low complexity f5 apple canonical opensuse netapp CWE-444	5.3
2019-07-29	CVE-2019-14379	SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. network low complexity fasterxml debian netapp fedoraproject redhat oracle apple critical	9.8
2018-11-07	CVE-2018-16845	nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. local low complexity f5 debian canonical opensuse apple	6.1