High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-03	CVE-2022-0492	Missing Authorization vulnerability in multiple products A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. local low complexity linux debian redhat canonical fedoraproject netapp CWE-862	7.8
2022-02-21	CVE-2021-44142	Out-of-bounds Write vulnerability in multiple products The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. network low complexity samba debian canonical synology fedoraproject redhat CWE-787	8.8
2022-02-18	CVE-2020-25717	Improper Input Validation vulnerability in multiple products A flaw was found in the way Samba maps domain users to local users. network low complexity samba debian fedoraproject redhat canonical CWE-20	8.1
2022-02-18	CVE-2020-25719	Race Condition vulnerability in multiple products A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. network low complexity samba debian fedoraproject canonical redhat CWE-362	7.2
2022-02-18	CVE-2020-25722	Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. network low complexity samba debian fedoraproject canonical CWE-863	8.8
2022-02-18	CVE-2021-4093	Out-of-bounds Write vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). local low complexity linux redhat fedoraproject canonical CWE-787	8.8
2022-02-17	CVE-2021-44730	Link Following vulnerability in multiple products snapd 2.54.2 did not properly validate the location of the snap-confine binary. local low complexity canonical fedoraproject debian CWE-59	8.8
2022-02-17	CVE-2021-44731	Race Condition vulnerability in multiple products A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. local high complexity canonical fedoraproject debian CWE-362	7.8
2022-02-17	CVE-2021-4120	Improper Input Validation vulnerability in multiple products snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. local low complexity canonical fedoraproject CWE-20	7.8
2022-02-16	CVE-2021-3560	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. local low complexity polkit-project debian canonical redhat CWE-754	7.8