High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-25	CVE-2021-45341	Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. network low complexity librecad fedoraproject debian CWE-120	8.8
2022-01-21	CVE-2022-23837	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In api.rb in Sidekiq before 5.2.10 and 6.4.0, there is no limit on the number of days when requesting stats for the graph. network low complexity contribsys debian CWE-770	7.5
2022-01-20	CVE-2021-45417	Out-of-bounds Write vulnerability in multiple products AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. local low complexity advanced-intrusion-detection-environment-project redhat fedoraproject canonical debian CWE-787	7.8
2022-01-19	CVE-2022-21699	IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. local low complexity ipython debian fedoraproject	8.8
2022-01-18	CVE-2021-4083	Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. local high complexity linux netapp debian oracle CWE-362	7.0
2022-01-18	CVE-2022-0261	Out-of-bounds Write vulnerability in multiple products Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. local low complexity vim debian apple CWE-787	7.8
2022-01-15	CVE-2022-23094	NULL Pointer Dereference vulnerability in multiple products Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. network low complexity libreswan fedoraproject debian CWE-476	7.5
2022-01-14	CVE-2022-23222	NULL Pointer Dereference vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. local low complexity linux debian netapp fedoraproject CWE-476	7.8
2022-01-14	CVE-2022-20698	Out-of-bounds Read vulnerability in multiple products A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity clamav debian canonical CWE-125	7.5
2022-01-12	CVE-2021-43860	Incorrect Default Permissions vulnerability in multiple products Flatpak is a Linux application sandboxing and distribution framework. local low complexity flatpak fedoraproject redhat debian CWE-276	8.6