High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-17	CVE-2022-3564	Race Condition vulnerability in multiple products A vulnerability classified as critical was found in Linux Kernel. high complexity linux debian netapp CWE-362	7.1
2022-10-17	CVE-2022-41751	OS Command Injection vulnerability in multiple products Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option. local low complexity jhead-project fedoraproject debian CWE-78	7.8
2022-10-17	CVE-2022-3550	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability classified as critical was found in X.org Server. network low complexity x-org debian fedoraproject CWE-119	8.8
2022-10-17	CVE-2022-3545	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability has been found in Linux Kernel and classified as critical. local low complexity linux netapp debian CWE-119	7.8
2022-10-14	CVE-2022-41674	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 5.19.16. low complexity linux fedoraproject debian CWE-787	8.1
2022-10-14	CVE-2022-42720	Use After Free vulnerability in multiple products Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code. local low complexity linux fedoraproject debian CWE-416	7.8
2022-10-13	CVE-2022-42719	Use After Free vulnerability in multiple products A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. low complexity linux fedoraproject debian CWE-416	8.8
2022-10-13	CVE-2022-42902	In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code execution in lava_server/lavatable.py. network low complexity linaro debian	8.8
2022-10-13	CVE-2022-42906	Command Injection vulnerability in multiple products powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. local low complexity powerline-gitstatus-project debian CWE-77	7.8
2022-10-12	CVE-2021-36369	Improper Authentication vulnerability in multiple products An issue was discovered in Dropbear through 2020.81. network low complexity dropbear-ssh-project debian CWE-287	7.5