| 2022-04-05 | CVE-2021-43008 | Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database. | 7.5 |
| 2022-04-04 | CVE-2022-24801 | HTTP Request Smuggling vulnerability in multiple products
Twisted is an event-based framework for internet applications, supporting Python 3.6+. | 8.1 |
| 2022-04-04 | CVE-2022-24785 | Path Traversal: 'dir/../../filename' vulnerability in multiple products
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. | 7.5 |
| 2022-04-03 | CVE-2022-28390 | Double Free vulnerability in multiple products
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. | 7.8 |
| 2022-03-30 | CVE-2022-24790 | HTTP Request Smuggling vulnerability in multiple products
Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. | 7.5 |
| 2022-03-30 | CVE-2022-24763 | Infinite Loop vulnerability in multiple products
PJSIP is a free and open source multimedia communication library written in the C language. | 7.5 |
| 2022-03-30 | CVE-2022-1154 | Use After Free vulnerability in multiple products
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. | 7.8 |
| 2022-03-25 | CVE-2022-1049 | Improper Authentication vulnerability in multiple products
A flaw was found in the Pacemaker configuration tool (pcs). | 8.8 |
| 2022-03-25 | CVE-2018-25032 | Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | 7.5 |
| 2022-03-24 | CVE-2021-43666 | A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. | 7.5 |