Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-18	CVE-2022-0585	Excessive Iteration vulnerability in multiple products Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject debian CWE-834	6.5
2022-02-18	CVE-2022-25313	Uncontrolled Recursion vulnerability in multiple products In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. network low complexity libexpat-project debian fedoraproject oracle siemens CWE-674	6.5
2022-02-16	CVE-2022-25258	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. low complexity linux fedoraproject debian netapp CWE-476	4.6
2022-02-16	CVE-2022-0617	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. local low complexity linux debian CWE-476	5.5
2022-02-11	CVE-2022-23634	Improper Resource Shutdown or Release vulnerability in multiple products Puma is a Ruby/Rack web server built for parallelism. network high complexity puma rubyonrails debian fedoraproject CWE-404	5.9
2022-02-11	CVE-2022-23633	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Action Pack is a framework for handling and responding to web requests. network high complexity rubyonrails debian CWE-212	5.9
2022-02-11	CVE-2022-0561	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff redhat fedoraproject debian netapp CWE-476	5.5
2022-02-11	CVE-2022-0562	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff fedoraproject debian netapp CWE-476	5.5
2022-02-09	CVE-2022-0529	Out-of-bounds Write vulnerability in multiple products A flaw was found in Unzip. local low complexity unzip-project redhat fedoraproject debian CWE-787	5.5
2022-02-09	CVE-2022-0530	A flaw was found in Unzip. local low complexity unzip-project redhat fedoraproject apple debian	5.5