High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-30	CVE-2022-1154	Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. local low complexity vim fedoraproject debian oracle	7.8
2022-03-25	CVE-2022-1049	A flaw was found in the Pacemaker configuration tool (pcs). network low complexity clusterlabs debian	8.8
2022-03-25	CVE-2018-25032	Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. network low complexity zlib debian fedoraproject apple python mariadb netapp siemens azul goto CWE-787	7.5
2022-03-24	CVE-2021-43666	A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. network low complexity arm debian	7.5
2022-03-23	CVE-2021-3618	ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. network high complexity f5 sendmail vsftpd-project fedoraproject debian	7.4
2022-03-23	CVE-2021-3748	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the virtio-net device of QEMU. local high complexity qemu debian canonical fedoraproject redhat CWE-416	7.5
2022-03-23	CVE-2021-4156	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. network low complexity libsndfile-project debian CWE-125	7.1
2022-03-23	CVE-2021-4197	Improper Authentication vulnerability in multiple products An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. local low complexity linux debian oracle broadcom netapp CWE-287	7.8
2022-03-23	CVE-2021-44040	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. network low complexity apache debian CWE-20	7.5
2022-03-23	CVE-2021-44759	Improper Authentication vulnerability in multiple products Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. network high complexity apache debian CWE-287	8.1