High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-18	CVE-2022-3235	Use After Free in GitHub repository vim/vim prior to 9.0.0490. local low complexity vim fedoraproject debian	7.8
2022-09-17	CVE-2022-3234	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. local low complexity vim fedoraproject debian	7.8
2022-09-16	CVE-2022-3176	Use After Free vulnerability in multiple products There exists a use-after-free in io_uring in the Linux kernel. local low complexity linux debian CWE-416	7.8
2022-09-16	CVE-2022-40149	Out-of-bounds Write vulnerability in multiple products Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). network low complexity jettison-project debian CWE-787	7.5
2022-09-16	CVE-2022-40150	Uncontrolled Recursion vulnerability in multiple products Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). network low complexity jettison-project debian CWE-674	7.5
2022-09-14	CVE-2022-40674	Use After Free vulnerability in multiple products libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. network high complexity libexpat-project debian fedoraproject CWE-416	8.1
2022-09-12	CVE-2022-37797	NULL Pointer Dereference vulnerability in multiple products In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. network low complexity lighttpd debian CWE-476	7.5
2022-09-07	CVE-2022-40023	Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. network low complexity sqlalchemy debian	7.5
2022-09-06	CVE-2022-3134	Use After Free in GitHub repository vim/vim prior to 9.0.0389. local low complexity vim debian	7.8
2022-09-06	CVE-2022-2735	A vulnerability was found in the PCS project. local low complexity clusterlabs debian	7.8