Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-22	CVE-2020-22217	Out-of-bounds Read vulnerability in multiple products Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. network high complexity c-ares debian CWE-125	5.9
2023-08-22	CVE-2020-35357	Classic Buffer Overflow vulnerability in multiple products A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. network low complexity gnu debian CWE-120	6.5
2023-08-22	CVE-2022-37050	In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. network low complexity freedesktop debian	6.5
2023-08-22	CVE-2022-37051	Reachable Assertion vulnerability in multiple products An issue was discovered in Poppler 22.07.0. network low complexity freedesktop debian CWE-617	6.5
2023-08-22	CVE-2022-44730	Server-Side Request Forgery (SSRF) vulnerability in multiple products Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL. local low complexity apache debian CWE-918	4.4
2023-08-22	CVE-2022-48554	Out-of-bounds Read vulnerability in multiple products File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. local low complexity file-project debian CWE-125	5.5
2023-08-22	CVE-2022-48566	Race Condition vulnerability in multiple products An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. network high complexity python debian netapp CWE-362	5.9
2023-08-15	CVE-2023-4350	Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google debian fedoraproject	6.5
2023-08-15	CVE-2023-4359	Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. network low complexity google debian fedoraproject	5.3
2023-08-15	CVE-2023-4360	Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. network low complexity google debian fedoraproject	4.3