High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-02	CVE-2022-39176	BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. low complexity bluez canonical debian	8.8
2022-09-02	CVE-2022-39177	BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. low complexity bluez canonical debian	8.8
2022-09-01	CVE-2022-2996	Improper Certificate Validation vulnerability in multiple products A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. network high complexity python-scciclient-project debian CWE-295	7.4
2022-08-31	CVE-2022-1271	Improper Input Validation vulnerability in multiple products An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. network low complexity gnu redhat debian tukaani CWE-20	8.8
2022-08-31	CVE-2022-2132	A permissive list of allowed inputs flaw was found in DPDK. network low complexity dpdk fedoraproject debian redhat	8.6
2022-08-31	CVE-2022-3028	Out-of-bounds Write vulnerability in multiple products A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. local high complexity linux fedoraproject debian CWE-787	7.0
2022-08-30	CVE-2022-25857	XML Entity Expansion vulnerability in multiple products The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections. network low complexity snakeyaml-project debian CWE-776	7.5
2022-08-30	CVE-2022-39028	NULL Pointer Dereference vulnerability in multiple products telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. network low complexity gnu mit debian netkit-telnet-project CWE-476	7.5
2022-08-30	CVE-2022-38784	Integer Overflow or Wraparound vulnerability in multiple products Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). local low complexity freedesktop debian fedoraproject CWE-190	7.8
2022-08-29	CVE-2022-0367	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. local low complexity libmodbus fedoraproject debian CWE-787	7.8