High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-10	CVE-2022-26846	SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code. network low complexity spip debian	8.8
2022-03-10	CVE-2022-26662	XML Entity Expansion vulnerability in multiple products An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. network low complexity tryton debian CWE-776	7.5
2022-03-10	CVE-2022-0204	Integer Overflow or Wraparound vulnerability in multiple products A heap overflow vulnerability was found in bluez in versions prior to 5.63. low complexity bluez fedoraproject debian CWE-190	8.8
2022-03-10	CVE-2022-0516	A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. local low complexity linux fedoraproject debian redhat netapp	7.8
2022-03-10	CVE-2022-0891	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact network low complexity libtiff debian fedoraproject netapp CWE-787	7.1
2022-03-08	CVE-2022-24713	regex is an implementation of regular expressions for the Rust language. network low complexity rust-lang fedoraproject debian	7.5
2022-03-06	CVE-2022-26505	Authentication Bypass by Spoofing vulnerability in multiple products A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. network low complexity readymedia-project debian CWE-290	7.4
2022-03-06	CVE-2022-26490	Classic Buffer Overflow vulnerability in multiple products st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. local low complexity linux fedoraproject netapp debian CWE-120	7.8
2022-03-05	CVE-2022-24921	Uncontrolled Recursion vulnerability in multiple products regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. network low complexity golang netapp debian CWE-674	7.5
2022-03-03	CVE-2021-3640	Race Condition vulnerability in multiple products A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. local high complexity linux debian fedoraproject canonical netapp CWE-362	7.0