High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-26	CVE-2022-24999	qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. network low complexity qs-project openjsf debian	7.5
2022-11-23	CVE-2022-44789	Out-of-bounds Write vulnerability in multiple products A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. network low complexity artifex debian fedoraproject CWE-787	8.8
2022-11-15	CVE-2022-41916	Off-by-one Error vulnerability in multiple products Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. network low complexity heimdal-project debian CWE-193	7.5
2022-11-13	CVE-2022-3970	Numeric Errors vulnerability in multiple products A vulnerability was found in LibTIFF. network low complexity libtiff netapp debian apple CWE-189	8.8
2022-11-12	CVE-2022-45188	Out-of-bounds Write vulnerability in multiple products Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. local low complexity netatalk debian fedoraproject CWE-787	7.8
2022-11-09	CVE-2022-45060	An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. network low complexity varnish-software varnish-cache-project fedoraproject debian	7.5
2022-11-09	CVE-2022-3885	Use After Free vulnerability in multiple products Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian CWE-416	8.8
2022-11-09	CVE-2022-3886	Use After Free vulnerability in multiple products Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian CWE-416	8.8
2022-11-09	CVE-2022-3887	Use After Free vulnerability in multiple products Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian CWE-416	8.8
2022-11-09	CVE-2022-3888	Use After Free vulnerability in multiple products Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian CWE-416	8.8