High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-23	CVE-2021-31566	Link Following vulnerability in multiple products An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. local low complexity libarchive fedoraproject redhat debian splunk CWE-59	7.8
2022-08-19	CVE-2020-27792	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. local low complexity artifex debian CWE-119	7.1
2022-08-15	CVE-2020-21365	Path Traversal vulnerability in multiple products Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations. network low complexity wkhtmltopdf debian CWE-22	7.5
2022-08-10	CVE-2021-37150	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. network low complexity apache debian fedoraproject CWE-20	7.5
2022-08-10	CVE-2022-25763	HTTP Request Smuggling vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. network low complexity apache debian fedoraproject CWE-444	7.5
2022-08-10	CVE-2022-28129	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. network low complexity apache debian fedoraproject CWE-20	7.5
2022-08-10	CVE-2022-31778	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. network low complexity apache debian CWE-20	7.5
2022-08-10	CVE-2022-31779	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. network low complexity apache debian fedoraproject CWE-20	7.5
2022-08-10	CVE-2022-31780	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. network low complexity apache debian fedoraproject CWE-20	7.5
2022-08-03	CVE-2022-31197	SQL Injection vulnerability in multiple products PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. network low complexity postgresql debian fedoraproject CWE-89	8.0