High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-04	CVE-2021-3842	nltk is vulnerable to Inefficient Regular Expression Complexity network low complexity nltk debian fedoraproject	7.5
2022-01-01	CVE-2021-45972	Improper Validation of Specified Quantity in Input vulnerability in multiple products The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. local low complexity giftrans-project debian CWE-1284	7.1
2022-01-01	CVE-2021-45960	Incorrect Calculation vulnerability in multiple products In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). network low complexity libexpat-project tenable debian siemens netapp CWE-682	8.8
2022-01-01	CVE-2021-41819	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. network low complexity ruby-lang redhat debian suse opensuse fedoraproject CWE-565	7.5
2022-01-01	CVE-2021-41817	Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. network low complexity ruby-lang redhat fedoraproject debian suse opensuse	7.5
2022-01-01	CVE-2021-44716	Resource Exhaustion vulnerability in multiple products net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. network low complexity golang debian netapp CWE-400	7.5
2021-12-31	CVE-2021-4192	vim is vulnerable to Use After Free local low complexity vim fedoraproject debian apple	7.8
2021-12-30	CVE-2021-4181	Out-of-bounds Read vulnerability in multiple products Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian oracle CWE-125	7.5
2021-12-30	CVE-2021-4184	Infinite Loop vulnerability in multiple products Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian oracle CWE-835	7.5
2021-12-30	CVE-2021-4185	Infinite Loop vulnerability in multiple products Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian oracle CWE-835	7.5