High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-01	CVE-2024-6387	Race Condition vulnerability in multiple products A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). network high complexity openbsd redhat suse debian canonical amazon netapp freebsd netbsd CWE-362	8.1
2024-06-05	CVE-2024-5629	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory. network low complexity mongodb debian CWE-125	8.1
2024-02-23	CVE-2024-26598	Use After Free vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DISCARD ITS command. local low complexity linux debian CWE-416	7.8
2024-02-13	CVE-2024-24814	mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. network low complexity openidc debian fedoraproject	7.5
2024-02-07	CVE-2023-6356	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel's NVMe driver. network low complexity redhat linux debian CWE-476	7.5
2024-02-07	CVE-2023-6536	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel's NVMe driver. network low complexity linux redhat debian CWE-476	7.5
2024-01-31	CVE-2024-1086	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. local low complexity linux fedoraproject redhat debian netapp CWE-416	7.8
2024-01-29	CVE-2023-46838	NULL Pointer Dereference vulnerability in multiple products Transmit requests in Xen's virtual network protocol can consist of multiple parts. network low complexity linux fedoraproject debian CWE-476	7.5
2024-01-23	CVE-2024-0750	A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. network low complexity mozilla debian	8.8
2024-01-23	CVE-2024-0751	Improper Privilege Management vulnerability in multiple products A malicious devtools extension could have been used to escalate privileges. network low complexity mozilla debian CWE-269	8.8