Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-24	CVE-2022-24599	Memory Leak vulnerability in multiple products In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. network low complexity audio-file-library-project debian fedoraproject CWE-401	6.5
2022-02-22	CVE-2022-0714	Heap-based Buffer Overflow vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. local low complexity vim fedoraproject debian apple CWE-122	5.5
2022-02-21	CVE-2021-4115	There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. local low complexity polkit-project redhat fedoraproject canonical debian oracle	5.5
2022-02-21	CVE-2022-0696	NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. local low complexity vim fedoraproject apple debian CWE-476	5.5
2022-02-20	CVE-2022-25375	Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. local low complexity linux debian CWE-1284	5.5
2022-02-18	CVE-2016-2124	Improper Authentication vulnerability in multiple products A flaw was found in the way samba implemented SMB1 authentication. network high complexity samba debian fedoraproject redhat canonical CWE-287	5.9
2022-02-18	CVE-2021-20321	Race Condition vulnerability in multiple products A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. local high complexity linux redhat debian CWE-362	4.7
2022-02-18	CVE-2021-3930	Off-by-one Error vulnerability in multiple products An off-by-one error was found in the SCSI device emulation in QEMU. local low complexity qemu redhat debian CWE-193	6.5
2022-02-18	CVE-2022-0585	Excessive Iteration vulnerability in multiple products Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-834	6.5
2022-02-18	CVE-2022-25313	Uncontrolled Recursion vulnerability in multiple products In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. network low complexity libexpat-project debian fedoraproject oracle siemens CWE-674	6.5