Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-03	CVE-2021-4002	Memory Leak vulnerability in multiple products A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. local low complexity linux debian fedoraproject oracle CWE-401	4.4
2022-03-02	CVE-2021-3772	A flaw was found in the Linux SCTP stack. network high complexity linux redhat debian oracle netapp	6.5
2022-03-02	CVE-2022-0577	Incorrect Authorization vulnerability in multiple products Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1. network low complexity scrapy debian CWE-863	6.5
2022-02-24	CVE-2021-3596	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. network low complexity imagemagick redhat fedoraproject debian CWE-476	6.5
2022-02-24	CVE-2021-3607	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. local low complexity qemu debian fedoraproject CWE-190	6.0
2022-02-24	CVE-2021-3608	Access of Uninitialized Pointer vulnerability in multiple products A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. local low complexity qemu debian fedoraproject CWE-824	6.0
2022-02-24	CVE-2021-3700	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. local high complexity spice-space redhat fedoraproject debian CWE-416	6.4
2022-02-24	CVE-2021-44532	Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. network low complexity nodejs oracle debian CWE-295	5.3
2022-02-24	CVE-2021-44533	Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. network low complexity nodejs oracle debian CWE-295	5.3
2022-02-24	CVE-2022-0544	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. local low complexity blender debian CWE-191	5.5