High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-22	CVE-2023-26314	The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter. network low complexity mono-project debian	8.8
2023-02-20	CVE-2023-24998	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured. network low complexity apache debian CWE-770	7.5
2023-02-15	CVE-2023-0361	Information Exposure Through Discrepancy vulnerability in multiple products A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. network high complexity gnu redhat debian fedoraproject netapp CWE-203	7.4
2023-02-15	CVE-2023-24580	Resource Exhaustion vulnerability in multiple products An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. network low complexity djangoproject debian CWE-400	7.5
2023-02-09	CVE-2023-0770	Out-of-bounds Write vulnerability in multiple products Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2. local low complexity gpac debian CWE-787	7.8
2023-02-09	CVE-2023-22795	A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. network low complexity rubyonrails debian	7.5
2023-02-01	CVE-2023-23969	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. network low complexity djangoproject debian CWE-770	7.5
2023-01-27	CVE-2020-36658	Improper Certificate Validation vulnerability in multiple products In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. network high complexity lemonldap-ng debian CWE-295	8.1
2023-01-27	CVE-2020-36659	Improper Certificate Validation vulnerability in multiple products In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. network high complexity lemonldap-ng debian CWE-295	8.1
2023-01-26	CVE-2023-0412	Improper Resource Shutdown or Release vulnerability in multiple products TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file network low complexity wireshark debian CWE-404	7.1