High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-05	CVE-2022-26361	IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. local low complexity xen debian fedoraproject	7.8
2022-04-05	CVE-2021-43008	Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database. network low complexity adminer debian	7.5
2022-04-04	CVE-2022-24801	HTTP Request Smuggling vulnerability in multiple products Twisted is an event-based framework for internet applications, supporting Python 3.6+. network high complexity twistedmatrix debian fedoraproject oracle CWE-444	8.1
2022-04-04	CVE-2022-24785	Path Traversal: 'dir/../../filename' vulnerability in multiple products Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. network low complexity momentjs tenable netapp fedoraproject debian CWE-27	7.5
2022-04-03	CVE-2022-28390	Double Free vulnerability in multiple products ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. local low complexity linux fedoraproject debian netapp CWE-415	7.8
2022-03-30	CVE-2022-24790	HTTP Request Smuggling vulnerability in multiple products Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. network low complexity puma debian fedoraproject CWE-444	7.5
2022-03-30	CVE-2022-24763	Infinite Loop vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in the C language. network low complexity pjsip debian CWE-835	7.5
2022-03-30	CVE-2022-1154	Use After Free vulnerability in multiple products Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. local low complexity vim fedoraproject debian oracle CWE-416	7.8
2022-03-25	CVE-2022-1049	Improper Authentication vulnerability in multiple products A flaw was found in the Pacemaker configuration tool (pcs). network low complexity clusterlabs debian CWE-287	8.8
2022-03-25	CVE-2018-25032	Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. network low complexity zlib debian fedoraproject apple python mariadb netapp siemens azul goto CWE-787	7.5