High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-08	CVE-2022-39377	sysstat is a set of system performance tools for the Linux operating system. local low complexity sysstat-project debian fedoraproject	7.8
2022-11-06	CVE-2022-40284	Classic Buffer Overflow vulnerability in multiple products A buffer overflow was discovered in NTFS-3G before 2022.10.3. local low complexity tuxera debian fedoraproject CWE-120	7.8
2022-11-04	CVE-2021-34055	Classic Buffer Overflow vulnerability in multiple products jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u. local low complexity jhead-project debian CWE-120	7.8
2022-11-03	CVE-2022-44638	Integer Overflow or Wraparound vulnerability in multiple products In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. network low complexity pixman debian fedoraproject CWE-190	8.8
2022-11-02	CVE-2021-37789	Out-of-bounds Write vulnerability in multiple products stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service. network low complexity stb-project debian CWE-787	8.1
2022-11-01	CVE-2022-42823	Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved memory handling. network low complexity apple fedoraproject debian CWE-843	8.8
2022-11-01	CVE-2022-42309	Release of Invalid Pointer or Reference vulnerability in multiple products Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. local low complexity xen debian fedoraproject CWE-763	8.8
2022-11-01	CVE-2022-42320	Incomplete Cleanup vulnerability in multiple products Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. local high complexity xen debian fedoraproject CWE-459	7.0
2022-10-31	CVE-2022-40617	Resource Exhaustion vulnerability in multiple products strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. network low complexity strongswan canonical debian fedoraproject stormshield CWE-400	7.5
2022-10-29	CVE-2022-41974	Improper Privilege Management vulnerability in multiple products multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. local low complexity opensvc fedoraproject debian CWE-269	7.8