High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-06	CVE-2022-21664	SQL Injection vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. network low complexity wordpress debian fedoraproject CWE-89	8.8
2022-01-04	CVE-2021-41141	Improper Locking vulnerability in multiple products PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. network low complexity teluu debian CWE-667	7.5
2022-01-01	CVE-2021-45972	Improper Validation of Specified Quantity in Input vulnerability in multiple products The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. local low complexity giftrans-project debian CWE-1284	7.1
2022-01-01	CVE-2021-45960	Incorrect Calculation vulnerability in multiple products In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). network low complexity libexpat-project tenable debian siemens netapp CWE-682	8.8
2022-01-01	CVE-2021-41819	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. network low complexity ruby-lang redhat debian suse opensuse fedoraproject CWE-565	7.5
2022-01-01	CVE-2021-41817	Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. network low complexity ruby-lang redhat fedoraproject debian suse opensuse	7.5
2022-01-01	CVE-2021-44716	Resource Exhaustion vulnerability in multiple products net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. network low complexity golang debian netapp CWE-400	7.5
2021-12-31	CVE-2021-4192	Use After Free vulnerability in multiple products vim is vulnerable to Use After Free local low complexity vim fedoraproject debian apple CWE-416	7.8
2021-12-30	CVE-2021-4181	Out-of-bounds Read vulnerability in multiple products Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian oracle CWE-125	7.5
2021-12-30	CVE-2021-4184	Infinite Loop vulnerability in multiple products Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian oracle CWE-835	7.5