Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-09	CVE-2022-0534	Out-of-bounds Read vulnerability in multiple products A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault). local low complexity htmldoc-project debian CWE-125	5.5
2022-02-04	CVE-2021-40403	Missing Initialization of a Variable vulnerability in multiple products An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. local low complexity gerbv-project fedoraproject debian CWE-456	6.3
2022-02-04	CVE-2021-4043	NULL Pointer Dereference vulnerability in multiple products NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0. local low complexity gpac debian CWE-476	5.5
2022-02-04	CVE-2021-46671	Out-of-bounds Read vulnerability in multiple products options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client. network low complexity atftp-project debian CWE-125	5.3
2022-02-03	CVE-2022-22818	Cross-site Scripting vulnerability in multiple products The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. network low complexity djangoproject fedoraproject debian CWE-79	6.1
2022-02-02	CVE-2022-24301	Incorrect Default Permissions vulnerability in multiple products In Minetest before 5.4.0, players can add or subtract items from a different player's inventory. network low complexity minetest debian CWE-276	6.4
2022-02-01	CVE-2022-23607	Forced Browsing vulnerability in multiple products treq is an HTTP library inspired by requests but written on top of Twisted's Agents. network low complexity twistedmatrix debian CWE-425	6.5
2022-01-31	CVE-2022-24130	Classic Buffer Overflow vulnerability in multiple products xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. local low complexity invisible-island debian fedoraproject CWE-120	5.5
2022-01-28	CVE-2021-4160	There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. network high complexity openssl debian oracle siemens	5.9
2022-01-26	CVE-2021-22570	NULL Pointer Dereference vulnerability in multiple products Nullptr dereference when a null char is present in a proto symbol. local low complexity google debian fedoraproject oracle netapp CWE-476	5.5