12.5.1

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-18	CVE-2022-22604	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2022-03-18	CVE-2022-22605	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2022-03-18	CVE-2022-22606	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2022-03-18	CVE-2022-22607	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2022-03-18	CVE-2022-22608	Out-of-bounds Read vulnerability in Apple Xcode An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2021-12-10	CVE-2021-44228	Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity apache siemens intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple critical	10.0
2020-01-09	CVE-2019-20372	HTTP Request Smuggling vulnerability in multiple products NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. network low complexity f5 apple canonical opensuse netapp CWE-444	5.3
2019-07-29	CVE-2019-14379	SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. network low complexity fasterxml debian netapp fedoraproject redhat oracle apple critical	9.8
2018-11-07	CVE-2018-16845	nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. local low complexity f5 debian canonical opensuse apple	6.1
2018-11-07	CVE-2018-16844	nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. network low complexity f5 debian canonical apple	7.5