High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-01	CVE-2022-42823	Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved memory handling. network low complexity apple fedoraproject debian CWE-843	8.8
2022-11-01	CVE-2022-42309	Release of Invalid Pointer or Reference vulnerability in multiple products Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. local low complexity xen debian fedoraproject CWE-763	8.8
2022-11-01	CVE-2022-42320	Incomplete Cleanup vulnerability in multiple products Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. local high complexity xen debian fedoraproject CWE-459	7.0
2022-10-31	CVE-2022-40617	Resource Exhaustion vulnerability in multiple products strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. network low complexity strongswan canonical debian fedoraproject stormshield CWE-400	7.5
2022-10-29	CVE-2022-41974	Improper Privilege Management vulnerability in multiple products multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. local low complexity opensvc fedoraproject debian CWE-269	7.8
2022-10-29	CVE-2022-41973	Link Following vulnerability in multiple products multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. local low complexity opensvc fedoraproject debian CWE-59	7.8
2022-10-26	CVE-2022-39286	Uncontrolled Search Path Element vulnerability in multiple products Jupyter Core is a package for the core common functionality of Jupyter projects. network low complexity jupyter debian fedoraproject CWE-427	8.8
2022-10-26	CVE-2022-3705	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was found in vim and classified as problematic. network high complexity vim fedoraproject debian netapp CWE-119	7.5
2022-10-25	CVE-2022-41704	Server-Side Request Forgery (SSRF) vulnerability in multiple products A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. network low complexity apache debian CWE-918	7.5
2022-10-25	CVE-2022-42890	Server-Side Request Forgery (SSRF) vulnerability in multiple products A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. network low complexity apache debian CWE-918	7.5