High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-04	CVE-2022-20771	On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity clamav cisco fedoraproject debian	7.5
2022-05-04	CVE-2022-20785	Memory Leak vulnerability in multiple products On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity clamav cisco fedoraproject debian CWE-401	7.5
2022-05-02	CVE-2021-42529	Stack-based Buffer Overflow vulnerability in multiple products XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. local low complexity adobe debian CWE-121	7.8
2022-05-02	CVE-2021-42530	Stack-based Buffer Overflow vulnerability in multiple products XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. local low complexity adobe debian CWE-121	7.8
2022-05-02	CVE-2021-42531	Stack-based Buffer Overflow vulnerability in multiple products XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. local low complexity adobe debian CWE-121	7.8
2022-05-02	CVE-2021-42532	Stack-based Buffer Overflow vulnerability in multiple products XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. local low complexity adobe debian CWE-121	7.8
2022-05-02	CVE-2021-46790	Out-of-bounds Write vulnerability in multiple products ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. local low complexity tuxera debian fedoraproject CWE-787	7.8
2022-05-02	CVE-2022-29970	Path Traversal vulnerability in multiple products Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. network low complexity sinatrarb debian CWE-22	7.5
2022-05-01	CVE-2022-25647	Deserialization of Untrusted Data vulnerability in multiple products The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. network low complexity google debian netapp oracle CWE-502	7.5
2022-04-29	CVE-2021-4206	Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. local low complexity qemu redhat debian CWE-131	8.2