Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-16 CVE-2022-0617 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel UDF file system functionality, in the way a user triggers the udf_file_write_iter function for a malicious UDF image.
local
low complexity
linux debian CWE-476
5.5
2022-02-11 CVE-2022-23634 Improper Resource Shutdown or Release vulnerability in multiple products
Puma is a Ruby/Rack web server built for parallelism.
network
high complexity
puma rubyonrails debian fedoraproject CWE-404
5.9
2022-02-11 CVE-2022-23633 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
Action Pack is a framework for handling and responding to web requests.
network
high complexity
rubyonrails debian CWE-212
5.9
2022-02-11 CVE-2022-0561 NULL Pointer Dereference vulnerability in multiple products
A null source pointer passed as an argument to the memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via a crafted TIFF file.
5.5
2022-02-11 CVE-2022-0562 NULL Pointer Dereference vulnerability in multiple products
A null source pointer passed as an argument to the memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via a crafted TIFF file.
local
low complexity
libtiff fedoraproject debian netapp CWE-476
5.5
2022-02-09 CVE-2022-0529 Out-of-bounds Write vulnerability in multiple products
A flaw was found in Unzip.
5.5
2022-02-09 CVE-2022-0530
A flaw was found in Unzip.
5.5
2022-02-09 CVE-2022-0534 Out-of-bounds Read vulnerability in multiple products
A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault).
local
low complexity
htmldoc-project debian CWE-125
5.5
2022-02-04 CVE-2021-40403 Missing Initialization of a Variable vulnerability in multiple products
An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0.
local
low complexity
gerbv-project fedoraproject debian CWE-456
6.3
2022-02-04 CVE-2021-46671 Out-of-bounds Read vulnerability in multiple products
options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client.
network
low complexity
atftp-project debian CWE-125
5.3