High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-23	CVE-2020-35511	Buffer Over-read vulnerability in multiple products A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. local low complexity libpng debian CWE-126	7.8
2022-08-23	CVE-2022-31676	Improper Privilege Management vulnerability in multiple products VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. local low complexity vmware debian fedoraproject netapp CWE-269	7.8
2022-08-23	CVE-2022-2946	Use After Free vulnerability in multiple products Use After Free in GitHub repository vim/vim prior to 9.0.0246. local low complexity vim fedoraproject debian CWE-416	7.8
2022-08-23	CVE-2021-20298	Out-of-bounds Write vulnerability in multiple products A flaw was found in OpenEXR's B44Compressor. network low complexity openexr debian CWE-787	7.5
2022-08-23	CVE-2021-23177	Link Following vulnerability in multiple products An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. local low complexity libarchive fedoraproject redhat debian CWE-59	7.8
2022-08-23	CVE-2021-31566	Link Following vulnerability in multiple products An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. local low complexity libarchive fedoraproject redhat debian splunk CWE-59	7.8
2022-08-19	CVE-2020-27792	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. local low complexity artifex debian CWE-119	7.1
2022-08-15	CVE-2020-21365	Path Traversal vulnerability in multiple products Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations. network low complexity wkhtmltopdf debian CWE-22	7.5
2022-08-10	CVE-2021-37150	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. network low complexity apache debian fedoraproject CWE-20	7.5
2022-08-10	CVE-2022-25763	HTTP Request Smuggling vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. network low complexity apache debian fedoraproject CWE-444	7.5