High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-03	CVE-2022-36359	Download of Code Without Integrity Check vulnerability in multiple products An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. network low complexity djangoproject debian CWE-494	8.8
2022-08-01	CVE-2022-2509	Double Free vulnerability in multiple products A vulnerability found in gnutls. network low complexity gnu redhat fedoraproject debian CWE-415	7.5
2022-07-28	CVE-2022-30287	Unsafe Reflection vulnerability in multiple products Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. network low complexity horde debian CWE-470	8.0
2022-07-27	CVE-2022-36946	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. network low complexity linux debian netapp	7.5
2022-07-26	CVE-2022-33745	insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. local low complexity xen debian fedoraproject	8.8
2022-07-25	CVE-2022-26306	Use of Insufficiently Random Values vulnerability in multiple products LibreOffice supports the storage of passwords for web connections in the user’s configuration database. network low complexity libreoffice debian CWE-330	7.5
2022-07-25	CVE-2022-26307	LibreOffice supports the storage of passwords for web connections in the user’s configuration database. network low complexity libreoffice debian	8.8
2022-07-24	CVE-2021-46829	Integer Overflow or Wraparound vulnerability in multiple products GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. local low complexity gnome fedoraproject debian CWE-190	7.8
2022-07-22	CVE-2022-31163	Relative Path Traversal vulnerability in multiple products TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. network high complexity tzinfo-project debian CWE-23	8.1
2022-07-20	CVE-2021-46828	Infinite Loop vulnerability in multiple products In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. network low complexity libtirpc-project debian CWE-835	7.5