High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-28	CVE-2023-3389	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable). local low complexity linux canonical debian CWE-416	7.8
2023-06-16	CVE-2023-35788	Out-of-bounds Write vulnerability in multiple products An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. local low complexity linux debian netapp canonical CWE-787	7.8
2023-06-06	CVE-2023-32549	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Canonical Landscape Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. network low complexity canonical CWE-338	7.5
2023-06-06	CVE-2023-32550	Exposure of Resource to Wrong Sphere vulnerability in Canonical Landscape Landscape's server-status page exposed sensitive system information. network low complexity canonical CWE-668	8.2
2023-03-27	CVE-2023-0179	Integer Overflow or Wraparound vulnerability in multiple products A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. local low complexity linux canonical fedoraproject redhat CWE-190	7.8
2023-03-27	CVE-2023-1380	Out-of-bounds Read vulnerability in multiple products A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. local low complexity redhat linux netapp debian canonical CWE-125	7.1
2022-10-31	CVE-2022-40617	Resource Exhaustion vulnerability in multiple products strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. network low complexity strongswan canonical debian fedoraproject stormshield CWE-400	7.5
2022-09-21	CVE-2022-41222	Use After Free vulnerability in multiple products mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. local high complexity linux debian netapp canonical CWE-416	7.0
2022-09-02	CVE-2022-39176	BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. low complexity bluez canonical debian	8.8
2022-09-02	CVE-2022-39177	BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. low complexity bluez canonical debian	8.8